In  search  of  SIM 

Network  management  vendors  are  jockeying  for  posi¬ 
tion  in  a  race  to  offer  security  information  manage¬ 
ment  capabilities.  PAGE  8. 


Telecom  standardization 

Kevin  Lopez,  national  telecom  director 
for  accounting  firm  Grant  Thornton,  describes 
his  company’s  IP  PBX  rollout.  PAGE  43. 


Notes  client  revamp 

IBM/Lotus  is  overhauling  its  Notes  client  to  give 
users  a  more  functional,  integrated  package. 

PAGE  23. 
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Roller  coaster  packs 
more  technology  than 
some  datacenters 
—  not  that  riders  care. 

BY  ANITA  TAFF-RICE 

In  the  time  it  takes  to  fin¬ 
ish  reading  this  sentence, 
you  and  1 7  others  could 
have  rocketed  from  0  to  120 
miles  per  hour,  turned  at  a 
90-degree  angle  and  head¬ 
ed  straight  to  the  top  of  a 
42-story  building,  plummet¬ 
ed  in  a  free  fall,  whipped 
through  a  270-degree 
corkscrew  and  traveled 
almost  one-half  of  a  mile. 

If  you  were  riding  on  the 
Top  Thrill  Dragster,  that  is. 

The  Dragster,  which  over¬ 
looks  Lake  Erie  at  the 
See  Roller  coaster,  page  16 


The  ROI  of  VoIP 

A  fresh  look  at  the  true  costs  and  savings  of  a 
voice-over-IP  rollout. 


Microsoft 
encroaching 
on  storage 
territories 


The  real-world  numbers  are  in. 

Nemertes  Research  surveyed 
65  enterprise  customers  on 
theirVolP  rollouts  and  compiled 
the  results  into  a  practical 
step-by-step  guide  to  fig¬ 
uring  the  ROI  of  a  VoIP 
project.  This  key  planning 
tool  contains  data  on  what 
your  peers  are  spending 
for  pre-planning,  capital 
items  and  operations.  And 
don’t  forget  that  you  need 
to  set  aside  money  for 
VoIP  management  tools 
and  staff  training. 

On  the  savings  side  of  the 
ledger,  the  research  provides 
a  dollars-and-cents  frame¬ 
work  for  calculating  cost 
savings  in  areas  such  as 
international  long  distance  and 
local  loop,  plus  moves,  adds  and 
changes.  And  the  savings  don't  stop  there  —  the 
research  turned  up  ways  to  figure  the  cost  savings  per  minute 
on  a  switch  to  audioconferencing  over  the  IP  network.  Page  36. 


GREG  MALBY 


BY  DENI  CONNOR 

Microsoft  might  not  be  the  first 
company  that  comes  to  mind 
when  you  think  of  network  stor¬ 
age,  but  the  company’s  announce¬ 
ment  last  week  that  it  soon  will 
ship  continuous  data-protection 
software  put  storage  customers 
and  vendors  on  notice  that  it  is 
getting  increasingly  serious  about 
this  market. 

For  customers,  Microsoft’s 
System  Center  Data  Protection 
Manager  (DPM)  widens  the  selec¬ 
tion  in  a  new  g  Read  more 
but  fast-grow-  about  what 
ing  market  for  Microsoft  has  in 
products  that  store.  Page  10. 
continuously  back  up  storage  and 
let  users  retrieve  files  they  might 
have  lost. 

For  storage  management  ven¬ 
dors,  Microsoft’s  offering  is  a  sign 
that  the  company  is  no  longer  just 
developing  products  that  comple¬ 
ment  theirs.  Microsoft  entered 
the  storage  market  a  few  years 
back,  mainly  by  marketing  tools 
that  companies  used  to  build 
storage  systems  for  Windows  net¬ 
works.  Now  Microsoft  is  delivering 
See  Microsoft,  page  14 


Many  minds,  one  goal:  Curb  bad  traffic 


BY  TIM  GREENE 

CAMBRIDGE,  Mass.  —  Some  of 
the  best  Internet  minds  in  the 
world  met  for  the  first  time  last 
week  to  brainstorm  new  ways  to 
defend  against  ‘Net-clogging 
threats. 


The  Usenix  invitation-only  work¬ 
shop  —  called  Steps  to  Reducing 
Unwanted  Traffic  on  the  Internet 
(SRUTI)  —  brought  together 
more  than  50  technical  staff  from 
equipment  vendors  and  ISPs,  as 
well  as  academics  from  all  over 


the  world,  to  develop  practical 
methods  to  cut  down  on  spam, 
viruses,  worms  and  denial-of-ser- 
vice  attacks.  (Sruti,  by  the  way  is  a 
Sanskrit  word  meaning  “that 
which  is  heard”.) 

See  SRUTI,  page  13 


1995:  On  an  average  day,  49-million  Web 
addresses  and  emails  were  processed  across 
the  Internet. 

2005:  Today  and  every  day,  VeriSign  Intelligent 
Infrastructure  directs  over  14-billion  Web 
addresses  and  emails. 


1995:  In  one  year,  90-million  people  used  their  mobile 
phones  to  make  and  receive  calls. 

2005:  Today  and  every  day,  VeriSign  Intelligent 
Infrastructure  delivers  high-quality  voice  and  interactive 
content  services  to  over  1.5-billion  mobile  users,  including 
hundreds  of  millions  of  calls  and  SMS  messages  and  over 
700,000  ring  tones,  pictures,  and  games. 


©2005  VeriSign.  Inc.  All  rights  reserved.  VeriSign.  the  VeriSign  logo.  "Where  it  all  comes  together,"  and  other  trademarks,  service  marks,  and  designs  are  registered  or  unregistered  trademarks  of  VeriSign  and 
its  subsidiaries  in  the  United  States  and  in  foreign  countries. 
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1995:  In  one  year,  the  total  of  all  online 
shopping  transactions  reached  $362-million. 

2005:  Today  and  every  day,  VeriSign  Intelligent 
Infrastructure  enables  over  $100-mi!lion  in 
secure  e-commerce  transactions. 


1995:  At  year  end,  a  total  of  25,000  Web  sites 
existed,  only  3,000  of  which  had  implemented 
any  security  measures. 

2005:  Today  and  every  day,  VeriSign  Intelligent 
Infrastructure  secures  over  450,000  Web  sites 
and  monitors  over  1-billion  security  events  for 
over  3,000  global  enterprises. 
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For  the  last  decade,  VeriSign  has  helped  drive  dramatic  transformation  in  the  delivery  of  communications,  commerce,  and  content. , 

With  a  simple  and  unwavering  mission  to  enable  and  protect  all  forms  of  interactions  over  voice  and  data  networks,  VeriSign  Intelligent  ■  _ . 

Infrastructure  Services  are  powering  today's  migration  from  an  analog  to  a  digital  world.  Which  is  why  global  enterprises,  carriers,  ' 
retailers,  and  entertainment  providers  are  turning  to  VeriSign  to  accelerate  new  revenue  opportunities  and  sharpen  their  competitive  /w  • 
edge.  And  as  next-generation  networks  emerge  and  converge,  VeriSign  will  continue  to  be  Where  it  all  comes  together.™ 
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Sharethe  fast  lane.  The  pace  of  modern-day  investing  can  boggle  the  mind.  And  overwhelm  the  data  center.  So  Sun  and 
on  faster,  next-generation  systems  for  Wall  Street'.  Benchmarks  show  that  Sun  Fire’*  V40z  servers,, 
processors,  deliver  world  record  performance.'  And  dual-core  processing  helps  save  r 
power; costs  alone?  That’s  what  financial  firms  call  a  smart  investment.  The  performance  is  t 
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Available  only  on  NetworkWorld.com 


IT  Borderlands 

Being  an  IT  professional  today 

means  more  than  just  fielding 
help  desk  calls  or  installing  soft¬ 
ware.  Ken  Fasimpaur  writes  about 
life  as  an  IT  pro  in  our  newest 
blog,  IT  Borderlands,  which  he 
describes  as  "every  place  where 
the  'traditional'  skills  and  tasks  of 
the  information  technology  field 
meet  and  mingle  with. . . .  every¬ 
thing  else." 

DocFinder:  7944 

Network  World  Radio/Podcast: 
Anti-spam  techniques 

We  speak  with  author  and  anti¬ 
spam  developer  Jonathan  Zdziarski 
about  his  DSPAM  application  and 
Bayesian  filtering  techniques. 


Zdziarski  also  has  a  book  coming 
out  this  week,  "Ending  Spam," 
DocFinder:  7945 

Multimedia  Exchange 
Skype  Toolbar  for  Outlook 

Multimedia  Editor  Jason  Meserve 
looks  at  a  new  toolbar  that  inte¬ 
grates  Skype  into  Outlook,  making  it 
easier  to  sync  up  and  connect  with 
contacts  in  both  applications. 
DocFinder:  7946 

Forum:  An  open  letter  to  the  open 

source  community 

Readers  react  to  our  open  letter 

Some  think  were  dead-on  in  our 
requests,  while  others. . .  well . . . 
head  over  to  the  forum  and  see  for 
yourself.  DocFinder:  7947 


Online  help  and  advice 


How  to  determine  the  real-world  costs  and  benefits  of  a  conversion  to 
VoIP.  This  step-by-step  guide  takes  you  through  the  cost  side  of  the 
equation,  including  everything  from  start-up  costs  to  management 
tools  to  staff  training.  And  it  provides  a  framework  for  figuring  cost 
savings  in  areas  such  as  international  long-distance,  local  loop  and 
audioconferencing,  plus  moves,  adds  and  changes.  Page  36. 


Nutter's  Help  Desk 
Fixing  network  card  timeouts 

Help  Desk  guru  Ron  Nutter  helps  a 
user  whose  Internet  connection 
keeps  timing  out.  Is  the  problem  in 
the  router,  the  network  interface 
card  or  somewhere  else?  Nutter 
investigates.  DocFinder:  7949 

Home  LAN  Adventures 

Two  ways  to  watch  TV  via  your  net 


Home  network  writer  Keith  Shaw 
examines  Plextor’s  ConvertX  PX- 
TV100U  Personal  Video  Recorder 
and  Slingbox  from  Sling  Media. 
DocFinder:  7950 

Cache  Advance 

Get  used  to  competing  for  jobs 

Columnist  Linda  Musthaler  looks  at 
the  future  for  IT  professionals. 
DocFinder:  7951 


Clear  Choice  Test:  If  you're  a  small  business 

looking  for  e-mail,  file  and  print  sharing  and  a  Web  presence 
in  one  box,  check  out  EmergeCore's  IT-100.  Page  39. 


Clear  Choice  Test:  IPControl  from  International 

Network  Services  gets  high  marks  on  its  ease  of  use  and  low 
cost.  Page  40. 


Seminars  and  events 


IT  strategies  for  small  to  midsize  businesses:  A  practical  blueprint  for 
smart  growth. 

This  new  Technology  Tour  Event  and  Expo  is  packed  with  the  practical  guid¬ 
ance  you  need  to  create  an  IT  strategy  that  saves  wasted  expenditures  and 
your  sanity.  Spend  six  hours  that  could  put  tens  of  thousands  of  dollars  back 
to  work  elsewhere  in  your  business.  Want  in?  Qualify  and  you  can  attend 
free.  DocFinder:  7953 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder:  1001 


COOLTOOLS 


Tune  in  to  TV  via  your 
network  with  Sling 
Media's  Slingbox. 

Page  32. 
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Ebbers  to  be  sentenced  Wednesday 

S  Former  WorldCom  CEO  Bernard  Ebbers  will  learn  his  fate 
this  week.  Ebbers  will  be  sentenced  Wednesday  for  his  March 
conspiracy  and  fraud  conviction  in  connection  with  the 
largest  bankruptcy  in  U.S.  history  Ebbers  faces  up  to  85  years 
in  prison.  Scott  Sullivan,  former  CFO,  who  took  the  stand 
against  Ebbers  claiming  the  former  CEO  orchestrated  the 
fraud  that  brought  the  second-largest  telecom  company  to  its 
knees,  is  expected  to  be  sentenced  in  August.  WorldCom  is  now  known  as  MCI 
and  emerged  from  bankruptcy  in  April  2004. 


TheGoodTheBadTheUgly 

<  Healthy  spam?  People  who  digested  a 
steady  diet  of  e-mails  that  promote  good  health 
were  found  to  eat  better  and  increase  physical 
activity,  according  to  a  study  from  the  University 
of  Alberta.  The  12-week  study  of  2,598  Canadian 
workers  will  be  published  in  the  American  Journal 
of  Health  Promotion, 

Those  slippery  tapes.  Data 

archiving  company  Iron  Mountain  last  week  said  it 
lost  customer  data  back-up  tapes,  the  second 
time  it  has  acknowleged  such  a  problem  in  the  last 
few  months.  Last  week,  the  company  tnld  The  Boston  Globe  that  it  had 
misplaced  data  back-up  tapes  from  the  City  National  Bank  of  Los 
Angeles.  Earlier,  the  company  made  headlines  for  losing  tapes  contain¬ 
ing  data  on  about  600,000  Time  Warner  employees. 


SCO  to  depose  Palmisano 

■  The  SCO  Group’s  legal  battle  with  IBM  continues  its 
slow  march  to  trial.  In  a  ruling  issued  July  1,  U.S. 
District  Judge  Dale  Kimball  set  a  new  trial  date  of  Feb. 
26, 2007.  The  jury  trial  had  been  scheduled  to  begin 
this  November.  The  rescheduling,  to  give  the  parties 
time  for  pretrial  preparations,  came  as  Kimball  grant¬ 
ed  SCO’s  request  to  depose  IBM  CEO  Sam  Palmisano. 
While  IBM  opposed  the  Palmisano  deposition,  saying 
that  the  information  SCO  sought  could  be  gathered 
from  other  sources,  Kimball  ruled,  “Mr.  Palmisano 
could  have  unique  personal  knowledge  related  to  the 
claims  in  this  action.”  SCO  filed  its  $3  billion  lawsuit 
against  IBM  in  2003,  claiming  the  company  had  ille¬ 
gally  ported  SCO’s  proprietary  Unix  code  into  Linux. 
IBM  denies  the  claims. 

Google  among  investors  in  BPL 

B  Current  Communications  Group,  a  provider  of 
broadband  over  power  line  service,  has  received  fund¬ 
ing  from  Google;  Goldman,  Sachs  &  Co.  and  The 
Hearst  Corp.,  the  company  announced  last  week. 
Current  Communications,  which  is  selling  BPL 
Internet  service  in  the  Cincinnati  area,  received  “sig¬ 
nificant”  funding  from  the  three  companies,  says  Scott 
Bruce,  general  manager  of  the  company.  Bruce 
declined  to  disclose  the  amount  of  investment, 
although  The  Wall  Street  Journal  pegged  the  new 
round  of  funding  at  about  $100  million. In  March  2004, 
Current  Communications  and  Cinergy  Broadband 
LLC,  a  subsidiary  of  Cinergy  Corp.,  announced  invest- 
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“With  the  Internet,  there’s  been 
no  effect. There’s  a  lot  of  traffic 
flowing  to  the  news  sites,  which 
are  holding  up  very  well.” 

Vanessa  Evans ,  spokeswoman,  London  Internet  Exchange,  in  the 
hours  after  last  week’s  terrorist  attack. 


ments  of  $70  million  as  the  partners  began  rolling  out 
BPL  service  in  the  Cincinnati  area.  The  rollout 
includes  broadband  service  and  VoIP  service. 

Microsoft  to  release  patches 

■  Microsoft  is  set  to  release  three  software  patches 
this  week  covering  critical  flaws  in  its  Windows  oper¬ 
ating  system  and  Microsoft  Office.  The  company  also 
plans  to  release  an  updated  version  of  its  Windows 
Software  Removal  Tool. The  patches,  which  Microsoft 
calls  “updates,”  will  come  as  part  of  the  company’s  reg¬ 
ular  monthly  patch  release  cycle.  Microsoft  releases 
most  software  patches  on  the  second  Tuesday  of  each 
month,  a  date  that  has  come  to  be  known  as  “Patch 
Tuesdayf  by  security  professionals.  The  company  did 
not  release  any  details  on  the  specific  nature  of  the 
patches,  except  to  say  that  some  of  them  will  be  rated 


“ Larry  and  Jeff  were  having 
fun  training  their  new  Robo- 
Pooch  the  FETCH  command, 
but  they  were  still  having  trou¬ 
ble  with  the  DUMP  command.  ” 


Jay  Moore  of  Etta,  Miss.,  wins  our  latest  Weekly  Caption  Contest  with  the  above 
entry.  Check  in  every  Monday  for  the  start  for  a  new  round  and  enter  to  win  Layer  8 
prizes,  www.networkworld.com/webiogs/layer8 


Getting  Chippy.  Broadcom  has  filed  an  antitrust  suit 
against  cell  phone  chip  maker  Qualcomm,  charging  it  with  unfair 
licensing  practices.  In  a  complaint  filed  in  the  U.S.  District  Court  for 
the  District  of  New  Jersey,  Broadcom  accused  Qualcomm  of  abusing 
the  wireless  standards-setting  process,  failing  to  license  technologies 
for  cellular  wireless  standards  on  fair  and  reasonable  terms,  and 
other  anticompetitive  practices  (see  www.networkworld.com, 
DocFinder:  7958).  Qualcomm  could  not  be  immediately  reached  for 
comment. 


“critical,”  meaning  flaws  could  allow  malicious  code 
to  be  installed  on  an  affected  computer  without  user 
action. 

Alltel  ordered  to  sell  off  assets 

■  The  U.S.  Department  of  Justice  is  requiring  Alltel  to 
sell  off  some  of  its  assets  in  three  central  U.S.  states 
before  completing  a  $6  billion  acquisition  of  compet¬ 
ing  wireless  carrier  Western  Wireless.  The  Justice 
Department,  in  a  settlement  announced  last  week, 
says  it  will  approve  the  acquisition  if  a  court  approves 
its  divestiture  requirements.  The  Justice  Department’s 
conditions  require  Alltel,  the  sixth-largest  wireless  car¬ 
rier  in  the  U.S.,to  divest  assets  in  Kansas, Nebraska  and 
Arkansas.  The  FCC  must  also  approve  the  merger. 
Alltel,  with  about  8.8  million  wireless  customers, 
announced  in  January  its  plans  to  acquire  Western 
Wireless,  the  nation’s  ninth-largest  wireless  carrier,  with 
about.  1.4  million  U.S.  customers. 

Business  Objects  off  the  hook 

■  Business  Objects  SA  will  not  face  charges  from  the 
U.S.  Securities  and  Exchange  Commission.  The  busi¬ 
ness  intelligence  software  developer  warned  last 
August  that  the  SEC  had  opened  an  inquiry  and 
intended  to  recommend  that  a  civil  action  be  initiat¬ 
ed  against  Business  Objects,  alleging  that  the  compa¬ 
ny  violated  provisions  of  the  Securities  and  Exchange 
Act  of  1934  relating  to  periodic  reporting  require¬ 
ments.  However,  the  informal  inquiry  has  ended  with¬ 
out  recommendation  for  any  enforcement  action,  the 
company  said  it  had  been  told  by  SEC  staff. 


lift  f!t»  ftl» 
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eyes  on  security  management 


Network  and  systems  management  vendors  buying  their  way  into  the  market. 


Making  security  plays 


Management  software  makers,  network  giants  and  security  vendors  are  all  vying  for  the  biggest 
piece  of  the  security  information  and  event  management  market. 


Company 

Acquisition 

Price 

Announced 

Details 

Micromuse 

GuardedNet 

S16.2  million 

July  2005 

Micromuse  plans  to  integrate  GuardedNet’s  newSecure  with 
Micromuse  Netcool  for  Security  Management  software. 

Cisco 

Protego  Networks 

$65  million 

December  2004 

Cisco  folded  Protego's  appliance,  Mitigation  and  Response 
System,  into  its  Cisco  Security,  Monitoring,  Analysis  and 
Response  System. 

Symantec 

Veritas 

$13.5  billion 

December  2004 

Symantec  could  use  the  Veritas  technology  to  conquer  the 
data  storage  challenge  that  many  SIM  vendors  face  today. 

BY  DENISE  DUBIE 

Network  and  systems  manage 
ment  vendors  have  been  on  a 
shopping  spree  of  sorts  for  some 
time  now,  and  the  current  must- 
have  item  on  their  list  is  security 
information  management. 

Following  Micromuse’s  an¬ 
nouncement  earlier  this  month 
that  it  would  acquire  GuardedNet 
for  $16.2  million,  industry  watch¬ 
ers  speculate  that  the  purchase 
might  mark  the  beginning  of  the 
end  for  pure-play  SIM  vendors.  In 
Micromuse’s  case,  the  purchase 
would  augment  that  company’s 
Netcool  for  Security  Management 
offering  with  more-sophisticated 
correlation  and  reporting  tools, 
the  company  says.The  acquisition 
also  contributes  to  a  trend  that 
Cisco  kicked  off  last  December 
when  it  acquired  SIM  vendor 
Protego  Networks. 

“Systems  management  and 
other  vendors  are  looking  at  SIM 
as  an  area  with  high  growth 
potential,  and  they  will  work  to 
sell  integrated  products  to  their 
installed  bases,”  says  Stephen 
Elliot,  a  senior  analyst  with  IDC. 
“Computer  Associates  may  do 
SIM  on  its  own,  but  acquisition 
could  provide  the  fastest  time  to 
market  for  other  vendors.” 

Acquisition  isn’t  the  only  route 
vendors  are  taking  to  deliver 
SIM.  Cisco  also  licenses  SIM 
technology  from  netForensics  to 
augment  its  network  security 
plans;  HP  last  month  announced 
it  had  partnered  with  ArcSight  to 
provide  OpenView  Compliance 
Manager;  and  storage  giant  EMC 
joined  forces  with  SenSage  to 
couple  its  Centera  storage  prod¬ 
ucts  with  SenSage’s  event  log  col¬ 
lection  and  retention  features.  CA 
and  IBM  Tivoli  separately  offer 
stand-alone  or  bundled  manage¬ 
ment  applications  that  deliver 
SIM  capabilities. 

Management  vendors  cite  obvi¬ 
ous  synergies  between  the  two 
technologies  as  the  reason  why 
security  events  should  be  man¬ 
aged  alongside  network  events  to 
best  protect  against  threats  and  to 
optimize  network  performance. 

Others  think  vendors  could  be 
motivated  by  potential  revenue. 
The  Yankee  Group  estimates  the 
$330  million  SIM  market  could 
grow  to  close  to  $800  million 


by  2009. 

Yet  industry  watchers  say  tack¬ 
ling  security  will  require  manage¬ 
ment  vendors  to  do  more  than 
develop  an  add-on  software  mod- 
ule.The  differences  between  secu¬ 
rity  events  and  network  events 
could  require  vendors  to  enhance 
their  event  correlation,  data  ware¬ 
housing  and  storage  capabilities. 

“Security  information  should 
definitely  be  integrated  with  net¬ 
work  management  information  in 
terms  of  common  workflows  and 
databases,  and  the  market  will 
consolidate,”  says  George  Hamil¬ 
ton,  a  senior  analyst  with  The 
Yankee  Group.  “But  management 
vendors  may  not  be  taking  into 
account  the  fact  that  security  has 
the  steepest  innovation  curve  of 
any  technology  out  there.” 

Not  only  would  tackling  SIM 
challenge  network  management 
vendors  to  bone  up  on  their  secu¬ 
rity  skills,  but  it  also  would  require 
them  to  change  the  way  their 
products  work.  While  SIM  prod¬ 
ucts  typically  consist  of  software, 
servers  and  agents,  or  probe  appli¬ 
ances  that  collect  logs  from 
devices,  the  resemblance  to  net¬ 
work  management  tools  could 
end  there.  SIM  tools  contain  more 
intelligence  specific  to  security 
events  and  are  geared  toward 
reacting  to  constant  change, 
whereas  network  management 
software  works  to  document 
approved  changes  and  prevent 
unwanted  alterations  to  device 
and  software  configurations. 

“Management  vendors  will  con¬ 
tend  that  security  is  a  sub-element 
of  management,  but  the  whole 
goal  for  the  [network  and  systems 
management]  vendors  is  to  fight 
change,  to  make  sure  everything 
stays  the  way  it’s  supposed  to  and 


to  reduce  the  cost  of  manual 
repetitive  actions,”  says  John 
Pescatore,  a  vice  president  at 
Gartner.  “Security  management  is 
the  opposite.  It  requires  the  ability 
to  react  quickly  to  constant 
change.There  are  only  a  few  repet¬ 
itive  actions  on  the  security  side.” 

With  several  competitors  — 
ArcSight,  e-Security  Intellitactics, 
netForensics,  Network  Intelli¬ 
gence  and  OpenService,  to  name 
a  few  —  and  little  differentiation 
in  the  SIM  market,  industry  ana¬ 
lysts  say  pure-play  vendors  will 
have  to  fight  to  remain  profitable 
and  to  contend  with  larger  man¬ 
agement  vendors  aggressively 
working  to  incorporate  the  secu¬ 
rity-specific  tools  into  their  prod¬ 
uct  suites. 

“SIM  vendors  are  going  to  have 
to  find  a  way  to  expand  their 
capabilities  and  expand  their 
reach  within  the  enterprise,”  says 
Scott  Crawford,  a  senior  analyst  at 
research  firm  Enterprise  Manage¬ 
ment  Associates.“SlM  does  help  to 
simplify  security  event  collection 
and  analysis,  but  it  also  requires  a 
fair  amount  of  resources  and  staff 
to  get  it  implemented.” 

The  Yankee  Group  estimates  that 
for  midsize  to  large  organizations, 
the  software,  hardware  and  imple¬ 
mentation  costs  to  get  SIM  rolled 
out  can  reach  close  to  $400,000 
—  not  including  the  expense  of 
adding  devices,  ongoing  mainte¬ 
nance  and  storage  requirements. 
The  escalating  cost  of  a  niche 
product  doesn’t  appeal  to  users, 
but  neither  does  the  idea  of 
rolling  out  an  entire  management 
framework  to  get  the  benefit  of 
automated  event  collection,  filter¬ 
ing  and  analysis. 

“Network  management  prod¬ 
ucts  are  just  so  big  and  all-encom¬ 


passing  that  it  would  take  a  long 
time  to  get  what  you  wanted  from 
them  for  a  SIM  rollout,”  says  Adam 
Hansen,  security  manager  for 
Sonnenschein,  Nath  &  Rosenthal, 
a  law  firm  in  Chicago.  He  uses 


OpenService’s  Security  Threat 
Manager  to  keep  up  with  security 
logs  on  more  than  100  managed 
devices. 

Hansen  says  he  can  see  the  ben¬ 
efits  of  tying  together  security  and 
network  monitoring  tools  to  bet¬ 
ter  align  alerts  from  the  separate 
systems,  but  for  now  he  says  net¬ 
work  management  products  lack 
the  in-depth  security  knowledge 
and  correlation  capabilities  to 
make  sense  of  alerts  for  security 
staffers. 

“If  the  management  vendor 
doesn’t  fundamentally  under¬ 
stand  what  it  is  looking  for  in  the 
security  events,  then  all  the  data 
collection  will  just  become 
another  case  of  ‘garbage  in, 
garbage  out,’”  he  says.B 


Cisco  announces 
management  shifts 

BY  PHIL  HOCHMUTH 

Cisco  last  week  promoted  Charles  Giancario  to  chief  development 
officer,  a  year  after  he  was  named  CTO  and  president  of  Cisco’s  Linksys 
division. 

He  replaces  Mario  Mazzola,  who  is  retiring  as  Cisco’s  head  of  engi¬ 
neering.  Mazzola,  58,  had  been  with  Cisco  for  12  years.  Giancario  will 
remain  as  the  head  of  Linksys. 

In  a  statement,  Cisco  CEO  John  Chambers  said  Mazzola’s  role  as 
head  of  engineering  “contributed  significant¬ 
ly  during  a  pivotal  time  in  Cisco’s  history 
solidifying  our  reputation  for  innovation  and 
risk  taking. ...  I  have  tremendous  confidence 
in  [Giancarlo’s]  ability  to  build  upon  this 
foundation.” 

Giancario  will  handle  R&D  efforts  behind 
all  of  Cisco’s  product  lines  —  from  enterprise 
and  carrier  routing  and  switching,  to  voice, 
security  and  home  network  gear  —  and  an 
R&D  operation  larger  than  many  of  the  com¬ 
pany’s  rivals’  annual  revenue.  (Cisco  spent  $3 
billion  on  product  development  in  its  2004  fis¬ 
cal  year.)  Cisco  will  look  to  fill  the  role  of  CTO 
—  which  focuses  on  the  promotion  of  Cisco 
technology  —  over  the  next  several  months. 
Other  changes  include  the  creation  of  the 
Data  Center,  Switching  and  Security  Technology  Group,  which  will 
be  headed  by  Senior  Vice  President  Jayshree  Ullal.  Formerly  in 
charge  of  Cisco’s  security  business,  Ullal  takes  over  the  storage  and 
switching  responsibilities  from  Senior  Vice  President  Luca  Cafiero, 
who  is  retiring. 

Mike  Volpi,  senior  vice  president  of  Cisco’s  Routing  Technology 
Group,  will  add  optical  and  service  provider  voice  technology  to  his 
responsibilities,  as  well  as  the  company’s  overall  service  provider 
strategy.  ■ 


With  the  retirement  of 
Mario  Mazzola,  Charlie 
Giancario  takes  over  as 
chief  development  offi¬ 
cer  at  Cisco. 
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Microsoft  targets  midsize  businesses 


Moving  to  the  middle 


Microsoft,  under  pressure  from  IBM  and  others,  is  releasing  a 
bundle  of  software  and  tools  designed  specifically  to  meet  the 
needs  of  midsize  companies. 


Bundle  components 


Feature/function 


Windows  Server  2003, 
Standard  Edition 

Includes  three  copies  of  network  operating  system 
to  create  core  infrastructure. 

Exchange  Server  2003, 
Standard  Edition 

full-feature  mail  server. 

Microsoft  Operations 

Monitoring  software  limited  to  10  servers. 

BY  JOHN  FONTANA 

Microsoft  last  week  put  together 
a  bundle  of  servers  designed  to 
help  midsize  companies  replace 
aging  software  with  a  more  secure 
and  manageable  infrastructure. 

The  company  is  bundling 
Exchange  Server  2003  Standard 
Edition,  Microsoft  Operations 
Manager  (MOM)  2005  Workgroup 
Edition  and  three  copies  of 
Windows  Server  2003  Standard 
Edition  into  a  single  product. The 
offering  signals  Microsoft’s  intent 
to  tailor  its  software  for  midsize 
companies,  a  segment  of  the  cor¬ 
porate  market  that  rival  IBM  is 
attacking  but  Microsoft  has  yet  to 
serve  specifically 

The  new  bundle  is  aimed  at 
companies  with  more  than  50 
users  that  are  growing,  have  small 
IT  staffs,  need  to  support  branch 
offices  and  typically  have  aging 
systems  such  as  Windows  NT  and 
Exchange  5.5  that  Microsoft  no 
longer  supports.  The  bundle  also 
is  designed  to  run  across  three 
servers  to  create  a  core  infrastruc- 


Manager,  Workgroup  Edition 

ture  with  room  to  expand. 

Microsoft  currently  serves  small¬ 
er  companies  with  its  popular 
Small  Business  Server,  which 
includes  Windows  Server  2003, 
Exchange  Server,  SQL  Server,  and 
Internet  Security  and  Acceler¬ 
ation  Server.  But  this  package  is 
limited  to  50  users,  runs  on  a  sin¬ 
gle  piece  of  hardware  and  is  not 
designed  to  support  branch 
offices. 

“You’re  getting  the  ability  to 
expand  your  systems  beyond  pre¬ 


set  storage  limits  and  license  lim¬ 
its,”  says  Tim  McKellips,  manager 
of  education  and  information 
worker  solutions  for  Inacom,  a 
systems  integrator  in  Madison, 
Wis.“You  get  the  flexibility  so  you 
can  partner  without  being  limited 
to  a  set  number  of  connections. 
Eventually  you  get  the  robustness 
of  distributed  computing.” 

In  addition  to  the  software, 
Microsoft  has  created  a  combina¬ 
tion  client  access  license  (CAL) 
that  covers  both  Windows  and 


Exchange.  Users  can  buy  up  to 
250  of  those  combination  li¬ 
censes.  The  bundle  will  ship  with 
50  CALs  for  Windows  and 
Exchange. 

Microsoft  also  has  designed  a 
specific  TechNet  Web  site  for  mid¬ 
size  companies  that  offers  techni¬ 
cal  advice  and  guidance.  Also 
included  is  a  set  of  tools,  includ¬ 
ing  the  Microsoft  Security  Assess¬ 
ment  Tool,  for  assessing  security 
vulnerabilities  on  the  network; 
the  Microsoft  TCO  Assessment 
Tool,  which  offers  models  for  IT 
spending  based  on  specific  cor¬ 
porate  requirements;  the 
Microsoft  Baseline  Security 
Analyzer,  which  determines  if 
patches  are  up  to  date;  and  the 
Microsoft  Software  Inventory 
Analyzer,  which  collects  an  inven¬ 
tory  of  Microsoft  software 
installed  on  desktops  and  the  net¬ 
work. 

“This  [new  bundle]  is  a  signal 
that  they  are  going  after  the  mid¬ 
market,”  says  Mika  Krammer,  an 
analyst  with  Gartner.  “You  see 


encroachment  from  Linux  here, 
and  IBM  is  dumping  a  ton  of 
money  into  developing  products 
and  partnerships  to  do  a 
Microsoft  takeout  on  the  upper 
end  of  the  mid-market,  and 
Microsoft  has  to  respond.” 

Krammer  says  this  bundle  of 
infrastructure  software  is  just  the 
start  of  more  to  come. 

The  bundle  is  shipping  now,  and 
Microsoft  is  offering  for  the  next 
12  months  a  20%  discount  that 
puts  the  price  at  $6,400  for  users 
on  Open  license  contracts.  ■ 
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Active  Directory  expands  beyond  Windows 


BY  JOHN  FONTANA 

Microsoft  last  week  extended  its 
directory  beyond  Windows  with 
the  introduction  of  an  interoper¬ 
ability  program  and  agreements 
with  key  partners. 

The  intent  of  the  Active  Direc¬ 
tory  Interoperability  Program  is  to 
provide  corporate  users  with  tools 
to  cement  Active  Directory  into 
the  core  of  their  Web  access  con¬ 
trol  and  identity  infrastructure  by 
providing  interoperability  tools, 
standards  support  and  extensions 
to  systems  running  on  non- 
Windows  platforms. 

Microsoft  is  ramping  up  the 
interoperability  program  ahead  of 
the  next  release  of  Windows 
Server  2003,  dubbed  R2,  which 
will  include  Active  Directory 
Federation  Services  (ADFS).  R2’s 
release  has  been  pushed  back  to 
between  October  and  year-end. 

ADFS  lets  users  share  authenti¬ 
cation,  or  federate,  data  across  cor¬ 
porate  boundaries.  Microsoft  uses 
a  protocol  it  developed  with  IBM 
called  WS-Federation  to  support 
that  sharing.  Many  other  vendors 
use  a  competing  standard  called 


Active  adoption 

Gartner  estimates  that 
nearly 

two  out  of  three 

corporations  haveActive 
Directory  ready  for  use 
as  part  of  an  identity  and 
access  infrastructure, 
while  Microsoft  says 
nearly  70%  of  corpora¬ 
tions  have  adopted  Active 
Directo  ry. 


Security  Assertion  Markup 
Language  (SAML). 

Tools  coming  from  Centrify  and 
Vintela  will  let  users  directly  hook 
Web-based  Java  applications  into 
the  directory  Centrify  will  add  a 
set  of  modules  to  its  DirectControl 
suite  that  uses  SAML  to  tie  Java 
applications  to  ADFS  and  its  WS- 
Federation  protocol.  Vintela  is 
adding  ADFS  federation  support 
to  its  Vintela  Single  Sign-on  for 
Java.  The  software  is  expected  to 
be  available  shortly  after  Windows 
Server  2003  R2  ships. 


“Microsoft  is  now  entering  the 
market  with  its  own  single  sign-on, 
federated  identity  management 
platform,  and  the  challenge  that  it 
has  is  that  for  users  to  do  federat¬ 
ed  identity  they  have  to  have  a 
pure  Microsoft  environment  and 
from  a  Web  applications  perspec¬ 
tive  that  is  just  not  going  to  be  the 
case”  in  most  companies,  says 
Tom  Kemp,  CEO  of  Centrify. 

Also,  Kernel  Networks  is  devel¬ 
oping  an  OpenLDAP  manage¬ 
ment  agent  that  is  scheduled  to 
be  available  on  a  royalty-free  basis 
by  year-end.The  agent  will  let  cus¬ 
tomers  integrate  OpenLDAP  2.x 
into  identity-management  infra¬ 
structures  based  on  Active 
Directory  and  Microsoft  Identity 
Integration  Server  2003. 

In  addition  to  the  integration 
work  of  third-party  partners,  Micro¬ 
soft  has  added  other  aspects  to  its 
program,  including  an  interoper¬ 
ability  lab  in  Redmond, Wash., and 
a  Web  site  focused  solely  on  Active 
Directory  interoperability 

Microsoft  also  says  it  will  offer 
licensing  for  intellectual  property 
and  protocol  technology  to  foster 


interoperability  including  licens¬ 
ing  the  Active  Directory  Password 
Change  Notification  Service  to 
independent  software  vendors 
and  corporate  users  who  want  to 
incorporate  the  technology  into 
their  applications. 


“We  have  made  it  easier  to  get  at 
password  information,”  says 
Microsoft’s  Michael  Stephenson. 
“You  can  change  a  user  telephone 
number  and  have  it  be  the  same 
in  all  repositories.  Now  you  can 
have  the  password  be  the  same.”B 


Worm  creator  found  guilty 

BY  PETER  SAYER 

A  German  teenager  who  confessed  to  creating  the  Sasser  computer 
worm  last  week  was  found  guilty  of  three  counts  of  computer  sabotage 
and  four  counts  of  data  manipulation,  and  given  a  suspended  sentence 
of  21  months. 

Sven  Jaschan,  19,  was  sentenced  at  the  district  court  in  Verden,  Ger¬ 
many,  the  court  said.  Jaschan  will  be  released  on  three  years’  proba¬ 
tion.  If  he  commits  another  crime  during  the  probation  period,  he  will 
be  jailed  at  a  juvenile  detention  center  to  serve  the  21-month  sentence. 

In  addition,  Jaschan  must  perform  30  hours  of  community  service  in 
a  home  for  the  elderly  or  a  hospital.  Jaschan  confessed  to  writing  the 
Sasser  worm  after  he  was  arrested  in  May  2004.The  computer  worm 
crashed  hundreds  of  thousands  of  computers  around  the  world  last 
year  by  exploiting  a  flaw  in  a  Windows  software  component  called  the 
Local  Security  Authority  Subsystem  Service. 

Jaschan  could  face  civil  lawsuits  brought  by  companies  whose  IT  sys¬ 
tems  were  infected  by  the  computer  worm. 

Sayer  is  a  correspondent  with  the  IDG  News  Service. 
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Quantum  CLL  6400  LTO-3  Autoloader 


Overland  LTO-3  NEO  2000 


Single  LTO-3  drive  with  8  cartridge  slots 
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Vendors  tout  WLAN  security  advances 


BY  JOHN  COX 

Two  wireless  LAN  security  ven¬ 
dors  last  week  separately  an¬ 
nounced  streamlined  versions  of 
their  software. 

Senforce’s  Wi-Fi  Security  is  a 
less-expensive  subset  of  the  com¬ 
pany’s  Endpoint  Security  Suite. 
The  new  offering  downloads  an 
agent  to  mobile  or  desktop 
clients  and  enforces  centrally  cre¬ 
ated  security  policies. 

Meanwhile,  AirDefense  pulled 
from  its  server-based  wireless 
intrusion-prevention  product  sev¬ 
eral  components  that  now  can  be 
deployed  on  a  wireless  laptop  to 


monitor  radio  traffic  and  pinpoint 
WLAN  clients  and  access  points. 
The  new  product  is  called 
AirDefense  Mobile. 

Senforce  used  several  key  ele¬ 
ments  of  its  current  suite,  and 
added  a  group  of  automatic 
reports,  graphs  and  summaries  of 
wireless  activities  and  status.  Policy 
Editor  is  a  PC  program  for  setting 
rules  for  what  client  devices  can 
and  can’t  do,  such  as  “all  wireless 
clients  at  headquarters  can  only 
connect  to  access  points  that  sup¬ 
port  the  Wi-Fi  Protected  Access  2 
specification.” 

The  policies  are  stored  by  Sen- 


force  server  applications  and  dis¬ 
tributed,  along  with  an  applica¬ 
tion  called  Security  Client,  to 
wireless  devices  whenever  they 
boot  up  or  change  their  network 
connection.  Security  Client  has 
code  to  enforce  the  policy  rules 
on  the  device. 

The  client  code  can’t  be  un¬ 
loaded,  disabled  or  sidestepped 
by  end  users,  Senforce  says. 

Missing  from  Wi-Fi  Security  are  a 
range  of  features  in  the  full  suite 
such  as  the  company’s  firewall; 
drivers  for  controlling  features 
such  as  the  use  of  USB  drives  on 
portable  devices;  and  integration 


Dell  begins  dual-core  push, 
upgrades  blade  servers 


BY  JENNIFER  MEARS 

While  HP  IBM  and  Sun  already 
have  begun  shipping  systems 
based  on  Advanced  Micro 
Devices’  dual-core  Opteron,  Dell 
this  week  is  set  to  enter  the  dual¬ 
core  fray  with  a  single-processor 
box  aimed  at  small  and  midsize 
businesses. 

The  SC430,  a  tower  server  built 
on  Intel’s  dual-core  Pentium  D 
processor,  adds  50%  more  storage 
capacity  with  up  to  4G  bytes  of 
Double  Data  Rate  2  Synchronous 
Dynamic  DRAM.  It  also  has  50% 
more  high-speed  buses,  with 
three  PCI  Express  slots,  than  its 
predecessor,  the  PowerEdge 
SC420,  Dell  says. 

The  box  is  designed  for  compa¬ 
nies  looking  to  support  e-mail,  file 
and  print,  and  Web-serving  appli¬ 
cations.  The  dual-core  design  will  give  multi-thread¬ 
ed  applications  a  40%  bump  in  performance,  Dell 
says.  The  system  starts  at  $499  for  a  singlecore 
Celeron  processor  and  comes  with  management 
software  and  professional  services  now.  It  supports 
Windows  Server  2003  and  Red  Hat  and  SuSE  Linux. 

The  introduction  of  the  SC430  should  end  any 
doubts  among  IT  professionals  as  to  whether  dual¬ 
core  x86  systems  are  becoming  mainstream  plat¬ 
forms  for  data  center  workloads,  analysts  say.  Both 
Intel  and  AMD  are  transitioning  their  processors 
to  dual-core  designs,  although  Intel  isn’t  expected 
to  have  dual-core  Itanium  or  Xeon  systems  until 
year-end. 

“Dell  typically  waits  until  other  companies  build 
the  market  and  then  comes  out  with  a  product  tar¬ 
geted  at  the  demand  that  has  been  established,”  says 
Joe  Clabby  a  vice  president  at  Summit  Strategies. 


He  says  it’s  not  surprising  to  see 
Dell  remain  loyal  to  Intel,  rather 
than  supporting  AMD’s  Opteron. 
“They  told  me  they  have  seen 
Intel’s  road  map  and  [Intel]  will 
catch  up  with  [AMD]  very  quick¬ 
ly  he  says.  “They  also  like  Intel’s 
ability  to  meet  their  manufactur¬ 
ing  demands.” 

Meanwhile,  Dell  continues  to 
make  its  blade  server  more  attrac¬ 
tive  for  corporate  customers, 
expanding  the  storage  connectivi¬ 
ty  options  for  its  PowerEdge  1855 
blade  server.  Last  week,  Dell  intro¬ 
duced  a  new  Fibre  Channel 
switch  for  its  blade  chassis.  The 
McData  4314  switch,  starting  at 
$9,000,  gives  end  users  another 
choice  when  it  comes  to  native 
Fibre  Channel  connectivity  Dell 
also  offers  a  Brocade  Fibre 
Channel  switch  for  its  blade  enclosure,  as  well  as  an 
InfiniBand  switch  from  Topspin  Communications. 

After  stumbling  with  its  initial  blade  product, 
the  PowerEdge  1655  MC,  Dell  says  it  has  seen  quick 
adoption  of  the  PowerEdge  1855  it  introduced 
last  fall. 

Tim  Golden,  director  of  PowerEdge  server  market¬ 
ing  at  Dell,  cites  IDG  statistics  indicating  that  in  the 
first  four  months  of  shipping  the  product,  Dell  grew 
its  share  in  the  two-processor  x86  blade  market  from 
4%  to  12%. 

Making  it  easier  to  integrate  blades  into  current  net¬ 
work  infrastructure  is  a  key  part  of  moving  blades 
into  a  more  mainstream  role.  Golden  says  end  users 
can  expect  Dell  to  continue  to  expand  network  con¬ 
nectivity  options  for  its  blade  servers.  Dell  is  in  talks 
with  Cisco,  for  example,  to  integrate  a  Cisco  Ethernet 
switch  into  its  blade  offering.* 


Dell's  first  dual-core  server,  the 
SC430,  is  aimed  at  SMBs  and  starts 
at  $850  for  a  single,  dual-core 
Pentium  D  processor. 


with  third-party  applications  such 
as  anti-virus  products. 

Rivals  include  AirDefense,  Air- 
Magnet  and  mobile  device  man¬ 
agement  vendors  such  as  Mobile 
Automation,  Wavelink  and  Any¬ 
where  (which  acquired  Xcelle- 
Net’s  Afaria  software). 

Wi-Fi  Security  is  priced  starting 
at  $45  per  user. 

The  AirDefense  Mobile  applica¬ 
tion  runs  on  any  Windows  XP  lap¬ 
top  with  a  WLAN  adapter  using 
the  Atheros  chipset.  It  lets  admin¬ 
istrators  monitor  and  analyze 
every  frame  from  any  kind  of 
802.11  access  point  within  range 
of  the  adapter’s  radio. 

The  U.S.Army  Forces  Command 
(FORSCOM)  has  been  using  the 
mobile  version  to  enforce  its  “no 
wireless”  policy  at  Fort  McPher¬ 
son,  Ga.  Civilian  network  admin¬ 
istrators  do  periodic  “war  walks” 
around  the  site,  using  the  soft¬ 
ware  and  laptop  to  pick  up  trans¬ 
missions. 

“We  found  an  Army  Reserve  unit 
that  had  installed  an  access  point 
in  a  warehouse  and  hooked  up 
laptops  for  inventory  control,” says 
Robert  Isaacs,  network  security 
manager  for  Booz-Allen  Hamilton 
assigned  to  FORSCOM. “We  found 
it  and  shut  them  down." 

The  software  also  measures  the 


strength  of  local  radio  signals. 
Using  this  data,  AirDefense  algo¬ 
rithms  calculate  the  location  of 
authorized  and  unauthorized 
wireless  access  points  and  users. 

Although  separate  from  Air¬ 
Defense  Enterprise,  the  mobile 
version  can  link  with  it  and 
download  details  of  radios  in  a 
given  area. 

In  addition,  the  Enterprise  ver¬ 
sion  lets  administrators  assign 
descriptive  names  to  devices 
such  as  “second  floor  conference 
room  access  point,”  and  the 
mobile  version  can  make  use  of 
these. 

AirMagnet  and  another  vendor, 
AirTight,  compete  with  AirDefense 
in  enterprise,  server-based  offer¬ 
ings  for  wireless-intrusion  detec¬ 
tion  and  prevention. 

AirDefense  Mobile  costs 

$1,000.* 


nww.com 

Points  to  ponder 

Whether  you're  in  the  office  or  on  cam¬ 
pus,  detecting  rogue  access  points  is  a 
must.  Help  Desk  guru  Ron  Nutter  shows 
you  how. 

DocFinder:  7961 


Gitrix  streamlines  apps 
management  pack 

BY  STACY  COWLEY 

Citrix  Systems  last  week  announced  a  version  of  its  application  man¬ 
agement  software  tailored  for  mid-market  businesses,  a  step  that  the 
company  hopes  will  aid  its  expansion  beyond  the  enterprise  market. 

Citrix  Access  Essentials  is  derived  from  the  company’s  Presentation 
Server  (formerly  called  MetaFrame)  software,  which  helps  organiza¬ 
tions  centrally  deploy  manage  and  secure  business  applications.  The 
software  can  be  used  to  support  remote  and  mobile  application  access. 

“With  the  Presentation  Server  mainstream  product,  we’ve  increasingly 
tuned  it  for  larger  enterprises,”  says  Paul  Burke,  a  senior  product  man¬ 
ager.  “Smaller  customers  say  they  end  up  with  a  choice  of  a  low-end 
product  where  they  lack  security  and  features,  or  Presentation  Server, 
but  Presentation  Server  imposes  too  much  of  a  cost.” 

Citrix  Access  Essentials  is  priced  at  $250  per  seat,  with  licenses  sold  in 
five-user  packs.  The  software  is  capped  at  75  users,  and  includes  client 
access  licenses  for  Microsoft’s  Windows  Terminal  Server  software.  Citrix 
Access  Essentials  will  be  sold  entirely  through  Citrix’s  reseller  channel. 

The  new  software  can  be  run  on  one  server  and  includes  a  wizard 
interface  intended  to  simplify  installation.  Burke  says  that  beyond  the 
scalability  limits  imposed  by  the  75-user  cap,  Citrix  Access  Essentials  is 
functionally  comparable  to  Citrix’s  full-strength  Presentation  Server. 

Cowley  is  a  correspondent  with  the  IDG  News  Service. 
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SRUTI 

continued  from  page  1 

Participants  exposed  fresh  ideas 
to  expert  criticism,  sometimes 
resulting  in  helpful  suggestions 
and  sometimes  pointing  out  sig¬ 
nificant  problems. 

One  promising  proposal  would 
help  wipe  out  the  bulk  of  distrib¬ 
uted  DoS  attacks  near  their 
sources,  but  not  those  attacks  in 
which  the  aggressor  machines 
use  spoofed  IP  addresses.  Even 
though  the  proposal  wouldn’t 
block  all  attacks,  it  was  still  con¬ 
sidered  feasible  because  it  would 
mitigate  the  bulk  of  distributed 
DoS  exploits  that  rely  on  networks 
of  unspoofed  zombie  machines 
—  botnets  —  to  fire  off  the 
attacks. 

On  the  flip  side,  another  presen¬ 
tation  advanced  a  relatively  sim¬ 
ple  method  of  encrypting  e-mail 
that  would  also  authenticate  the 
sender  and  receiver.  But  this  was 
pretty  much  shot  down  when  one 
attendee  pointed  out  that  encrypt¬ 
ing  e-mail  would  render  useless 
spam  filters  that  search  content 
and  subject  lines  for  key  words. 
“You  have  just  proposed  an  excel¬ 
lent  tool  for  spammers,”  he  said. 
The  author  didn’t  have  an  answer 
for  that. 

Practicality  seemed  the  watch¬ 
word  for  the  day  The  author  of  the 
presentation  on  blocking  distrib¬ 
uted  DoS  attacks  said  there  have 
been  proposals  that  would  be 
extremely  effective  if  there  were 
separate  IP  address  spaces  for 
servers  and  clients.  “This  has  real 
possibilities  if  only  we  were  re¬ 
designing  the  Internet  from 
scratch,”  says  Mark  Handley  a  re¬ 
searcher  from  University  College 
London  in  the  U.K.,  who  present¬ 
ed  the  proposal. 

Instead,  his  proposal  would  in¬ 
troduce  devices  near  Internet 
servers  and  at  the  edge  routers  of 
ISPs  to  mark  and  monitor  traffic  to 
the  servers.  When  a  distributed 
DoS  attack  was  detected,  these 
devices  would  block  at  the  edge 
routers  traffic  from  addresses 


identified  as  the  source  of  the 
attack.  These  devices  could  effec¬ 
tively  reduce  distributed  DoS  traf¬ 
fic  within  a  single  ISP’s  network, 
Handley  says.  This  enforcement 
could  be  extended  to  other  ISPs 
and  block  attacks  even  closer  to 
the  source  if  the  ISPs  involved 


could  develop  enough  trust  to 
share  knowledge  about  their  net¬ 
works,  he  says. 

Dealing  with  spam 

While  distributed  DoS  drew 
much  attention,  SRUTI  presenters 
also  focused  on  spam,  which 
accounts  for  the  vast  majority  of  e- 
mail  crossing  the  Internet. 

One  researcher  described  a  way 
to  analyze  the  senders  and  recipi¬ 
ents  of  e-mails  in  conjunction 
with  a  traditional  spam  filter  to 
boost  the  overall  effectiveness  of 
spam  protection.The  algorithm  re 
duces  the  amount  of  good  email 
that  is  identified  as  spam  by  about 
20%,  according  to  Jussara 
Almeida,  a  researcher  at  Universi- 
dade  Federal  de  Minas  Gerais  in 
Brazil.’This  is  important  since  the 
cost  of  false  positives  is  usually 
believed  higher  than  the  cost  of 
false  negatives,”  she  said. 

The  study  by  her  team  divided 
senders  and  recipients  into 
groups  based  on  who  routinely 
receives  legitimate  e-mail  from 
whom.The  memberships  of  these 
groups  —  essentially  contact  lists 
—  are  more  stable  than  criteria 
used  for  other  screening  methods 
such  as  looking  for  keywords, 


Almeida  said.  Spammers  can 
change  the  words  selected  for 
spam  to  duck  keyword  filters,  but 
establishing  themselves  as  mem¬ 
bers  of  trusted  groups  is  more  dif¬ 
ficult,  she  said. 

The  algorithm  weighs  the  proba¬ 
bility  that  any  message  sent  from 


a  certain  group  of  senders  to  a 
specific  group  of  recipients  is 
spam.  It  is  effective  at  sorting  a  cer¬ 
tain  percentage  as  definitely 
spam  and  definitely  not  spam, 
with  a  gray  area  in  between.  The 
researchers  are  working  to  tweak 
the  algorithm  to  reduce  the  size  of 
the  gray  area,  she  said. 

A  similar  method  of  sorting  IP 
voice  mail  spam  —  spam  over  IP 
telephony  (SPIT)  —  also  relies  on 
senders  and  receivers.  This  is  key 
in  filtering  SPIT  because  the  point 


is  to  get  rid  of  the  unwanted  mes¬ 
sages  without  having  to  waste 
time  listening  to  them,  which 
would  be  required  if  the  content 
were  examined. 

“You  don’t  have  to  look  at  con¬ 
tent  to  get  a  pretty  good  idea  of 
what  is  going  on,”  says  Steve 
Bellovin,  a  professor  at  Columbia 
University  and  a  moderator  at 
SRUTI.This  has  been  useful  in  the 
intelligence  community  for  years.” 

Researchers  from  the  University 
of  North  Texas,  Denton,  have  creat¬ 
ed  a  voice  spam  detection  server 
they  say  can  identify  a  “spitter” 
after  just  three  calls  to  users  in  a 
given  group, such  as  a  corporation. 
The  server  analyzes  where  calls 
are  from  and  whether  messages 
left  by  those  sources  are  likely  to 
be  SPIT  based  on  the  experience 
users  have  had  with  calls  from  the 
same  sources,  said  Ram  Dantu,  a 
researcher  at  the  university 

While  this  particular  defense 
would  be  the  same  all  the  time, 
some  of  the  proposals  called  for 
dynamic  defense  systems  that 
change  as  the  nature  of  threats 
change.  Based  on  the  severity  of  a 
detected  attack  and  other  net¬ 
work  conditions,  an  adaptive 
defense  can  adjust  its  response  to 
minimize  the  amount  of  false  pos¬ 
itives  and  false  negatives,  says  Cliff 
Zou,a  researcher  at  the  University 
of  Massachusetts,  Amherst.  False 


positives  and  negatives  can  both 
prove  costly  to  users,  either  by 
blocking  important  legitimate  traf¬ 
fic  or  failing  to  block  an  attack. 

One  possible  downside  to  this 
idea  of  measured  response  is  that 
attackers  might  lull  such  defense 
systems  into  less  restrictive  modes 
and  then  hit  with  sudden,  intense 
barrages  that  could  have  devastat¬ 
ing  effect  before  an  adequate 
defense  could  be  mounted, 
according  to  reactions  to  the  talk. 

Other  ideas  floated  at  the  work¬ 
shop  ranged  from  setting  up  hon- 
eypots  to  lure  spammers  and  then 
tie  up  their  resources,  to  simulat¬ 
ing  network  congestion  to  see 
how  suspicious  traffic  streams 
respond  as  a  way  to  determine 
whether  a  person  is  behind  the 
session  or  a  zombie  machine 
sending  automated  responses. 

In  aggregate  the  13  papers  pre¬ 
sented  last  week  represent  a 
springboard  for  producing  a 
faster  Internet,  said  Dina  Katabi, 
an  MIT  professor  and  co-chair¬ 
man  of  the  workshop.  “The  talks 
have  proposed  promising  solu¬ 
tions  that  address  important 
problems,”  she  said.B 
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Sprint  rolls  out  EV-DO  service 


BY  DENISE  PAPPALARDO 

Sprint  this  month  will  launch  its  Evolution  Data 
Optimized  wireless  high-speed  data  service  in  34 
markets,  the  company  said  last  week. 

Sprint  first  announced  its  EV-DO  service  plans 
just  more  than  a  year  ago. The  carrier  says  its  EV-DO 
Wireless  High-Speed  Data  Service  will  be  available 
in  at  least  60  metropolitan  markets  by  early  next 
year  and  reach  150  million  people. 

“With  this  announcement  we’re  enabling  mobile 
workers  with  connection  cards.  Handset  launches 
are  planned  for  later  in  2005  with  associated  appli¬ 
cations,”  says  Barry  Tishgart, senior  director  of  prod¬ 
uct  management  at  Sprint. 

Users  can  expect  EV-DO  multimedia  applications 
with  handsets  that  are  equipped  with  better  pro¬ 
cessing  power,  screens  and  more  memory  in  the 
fourth  quarter,  he  says. 

The  initial  EV-DO  markets  will  include  Charlotte, 
N.C.,  Cleveland,  Detroit,  New  Orleans  and 
Sacramento.  In  July,  cities  such  as  Chicago,  Dallas, 
Miami  and  San  Francisco  will  come  online.  A  full 
list  of  the  service’s  geographic  reach  is  available  on 
www.networkworld.com,  DocFinder:  7962. 

Verizon  Wireless  was  the  first  provider  to  make 
EV-DO  available  last  year.  The  carrier’s 


BroadbandAccess  EV-DO  service  is  available  in  50 
markets,  supporting  transmission  speeds  between 
400K  and  700K  bit/sec.  Verizon  Wireless  says  its 
BroadbandAccess  service  will  be  available  to 
more  than  half  of  the  U.S.  population  by  year-end. 

Packages  and  pricing 

Sprint  says  its  EV-DO  service  also  supports  wire¬ 
less  data  transmissions  between  400K  and  700K 
bit/sec  and  can  burst  up  to  2M  bit/sec.  EV-DO  is  a 
huge  leap  forward  for  Sprint’s  lxRTT  wireless  data 
users  who  have  average  transmission  speeds  of 
50K  to  70K  bit/sec, Tishgart  says. 

Consumer  pricing  plans  start  at  $40  per  month  for 
40M  bytes.  If  users  go  over  the  40M  bytes,  the  most 
they  will  be  charged  is  $90  per  month. 

The  carrier  also  is  offering  an  unlimited  service 
for  business  users  starting  at  $80  per  month. 

Users  who  sign  up  for  either  package  also  will 
have  the  option  of  using  Sprint’s  lxRTT  Code 
Division  Multiple  Access  wireless  network  when 
they  are  roaming  in  areas  where  EV-DO  is  not  yet 
available. 

Customers  also  are  required  to  purchase  an 
AirCard  from  Sierra  Wireless  or  Novatel  Wireless 
that  costs  about  $250  each.  ■ 


■  **[ln  fighting  spam]  you 

don't  have  to  look  at  content 
to  get  a  pretty  good  idea  of 
what  is  going  on. This  has 

gence  community  for 
years.55 

Steve  Bellovin,  professor,  Columbia  University 
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Storage  story 


Microsoft  has  steadily  increased  its  presence  on  the  storage  scene  over  the  past  few  years. 


•  Introduces  Server  Appliance  Kit  —  a 
network-attached  storage  specification 
for  implementation  by  systems  OEMs. 


Announces  new  version  of 
its  NAS  kit  —  Windows 
Storage  Server  2003. 


Ships  Data  Protection  Manager, 
with  40  partners  in  tow. 


2005 


1 2002 

Unveils  technologies  that  make  storage  easier  Unveils  System  Center  Data  Protection  Manager, 
to  run  on  Windows  —  Virtual  Shadow  Copy 
Service,  Multipath  I/O,  Virtual  Disk  Service  and 
support  for  iSCSI. 


Microsoft 

continued  from  page  1 

storage  products  in  competition 
with  such  vendors. 

“Products  like  DPM  absolutely 
pose  a  competitive  threat  to  pure- 
play  storage  independent  soft¬ 
ware  vendors  [ISV] ,”  says  David 
Freund,  an  analyst  for  llluminata. 

Microsoft’s  storage  efforts  bring 
to  mind  the  company’s  inroads 
into  other  markets,  such  as  anti¬ 
virus  and  anti-spam,  where  it  ini¬ 
tially  looked  not  to  be  a  direct 
competitor  to  current  vendors. 
Microsoft  won’t  reveal  how  much 
money  or  how  many  people  it  is 
devoting  to  storage,  but  observers 
say  it  is  significant. 

DPM  will  back  up  data  on  Win¬ 
dows  file  servers  and  network- 
attached  storage  (NAS)  devices  as 
a  series  of  as  many  as  64  snap¬ 
shots.  It  differs  from  many  other 
continuous  data-protection  prod¬ 
ucts  in  that  it  allows  end  users  to 
recover  data.  DPM,  which  costs 
$950  for  every  three  servers  pro¬ 
tected,  runs  on  a  server  and  backs 
up  data  from  local  or  remote  file 
servers.  It  saves  the  data  to  its 
attached  disk  storage  for  later 
archiving  to  tape. 

DPM  represents  the  third  tenet 
of  Microsoft’s  storage  strategy, 
according  to  Ben  Matheson,  a 
Microsoft  product  manager.  “The 
first  is  to  make  Windows  the  best 
platform  for  storage,”  Matheson 


says.  “The  second  is  to  work  with 
storage  partners  to  create  a  broad 
storage  ecosystem.” The  third  is  to 
introduce  new  storage  offerings. 

The  company  initiated  its  stor¬ 
age  efforts  in  2000  with  the  intro¬ 
duction  of  Server  Appliance  Kit, 
now  known  as  Windows  Storage 
Server.The  kit  gave  systems  manu¬ 
facturers  tools  with  which  to 
develop  NAS  systems  for  Win¬ 
dows  networks.  Windows-based 
NAS  systems  swelled  from  practi¬ 
cally  no  market  share  to  4 1  %  with¬ 
in  two  years,  cutting  into  the  share 
of  vendors  whose  offerings  are 
based  on  proprietary  software, 
according  to  Gartner.  Dell,  HP  and 
EMC  are  among  the  19  vendors 
now  making  NAS  systems  to 
Microsoft’s  specifications. 

In  2002,  Microsoft  unveiled  a 
variety  of  storage  technologies 
that  let  other  companies’  software 


work  better  with  Windows  net¬ 
works.  As  with  the  tool  kit,  Micro¬ 
soft’s  offerings  were  not  seen  as 
encroaching  on  the  territory  of  its 
partners  in  the  storage  industry 

“Microsoft’s  storage  technologies 
—  Virtual  Shadow  Copy  Service 
and  Multipath  I/O  —  have  been 
largely  complementary  to  other 
vendors’  products,”  Illuminata’s 
Freund  says.  Virtual  Shadow  Copy 
Service  automates  the  backup  of 
network  volumes;  Multipath  I/O 
lets  vendors  offer  Windows-based 
multiple  path  redundancy  be¬ 
tween  host  computers  and  their 
storage-area  network  devices. 

Unlike  that  software,  DPM  is 
seen  as  a  direct  competitor  to 
offerings  from  companies  such  as 
Symantec  (which  recently 
acquired  Veritas),  Computer 
Associates  and  start-ups  such  as 
Mendocino  Software  and  Mimosa 
Systems,  and  storage  resource- 
management  vendors  AppIQ  and 
Creekpath. 

Microsoft  has  a  history  of  coop¬ 
erating  with  storage  ISVs.  For  in¬ 
stance,  its  NTbackupTape  Backup 
Utility  which  shipped  with  Win¬ 
dows  NT  and  2000,  was  a  repack¬ 
aged  and  stripped-down  version 
of  Veritas’  Backup  Exec  software. 

But  that  relationship  could 
crumble  as  the  company  reaches 
further  into  storage. 

“Microsoft  is  increasing  its 
‘coopetition’  with  partners,” 
Freund  says. 

Analysts  and  users  say  Microsoft 
could  prove  particularly  competi¬ 
tive  in  small  and  midsize  business 
storage  networks. 

“Most  [such]  Microsoft  shops 
will  look  to  Microsoft  for  a  solu¬ 
tion  first  instead  of  introducing 
another  layer  of  complexity”  by 
bringing  in  another  vendor,  says 
Ron  Hawkins,  senior  technical 
architect  for  Harvard  University 

As  DPM  matures  and  gains  func¬ 
tionality,  however,  it  could  rival 
enterprise  network-class  products 


from  vendors  such  as  EMC  and 
IBM,  observers  say  The  continuous 
data-protection  market  is  in  its 
infancy  but  has  attracted  lots  of 
players,  including  Network  appli¬ 
ance  and  start-up  TimeSpring. 

“When  DPM  can  back  up 
applications  and  databases, 
then  it’s  time  [for  other  ven¬ 
dors]  to  worrj/’  says  Stephanie 
Balaouras,  senior  analyst  for  The 
Yankee  Group.“Then  it  becomes 
applicable  to  the  mid-market, 
500-plus  employee  organiza¬ 
tions,  where  Microsoft  is  the 
dominant  operating  system.” 

But  DPM  will  not  eliminate  the 
need  for  other  back-up  and  recov¬ 
ery  products,  says  Randy  Kerns,  an 
independent  analyst. 

“They  will  still  be  used  for  tape 
backups,  but  not  as  many  or  as 
often,”  he  says. 

Microsoft’s  Matheson  says  DPM 
will  support  Microsoft  Exchange, 
SQL  Server,  server  imaging,  and 
recovery  of  files  on  users’  desktop 
drives  in  the  second  release,  due 
in  two  years. 

Microsoft  is  expected  to  inte¬ 
grate  more  storage  resource  man¬ 
agement  capabilities  into  its  prod¬ 
ucts,  analysts  say  The  company 
has  included  a  thin  version  of 
Veritas’  storage  resource  manage¬ 
ment  software  in  Windows 
Storage  Server  2003.  And,  sources 
say  that  Windows  Server  2003  R2, 
also  known  as  Longhorn,  will  in¬ 
clude  storage  research-manage¬ 
ment  software  from  Veritas.H 
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The  New  Data  Center: 

Spotlight  on  storage 

Our  latest  report  takes  a  look  at  storage 
trends  such  as  virtualization,  encryption, 
archiving  and  more. 
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SAP  offers  Safe  Passage 
program  to  midsize  firms 

BY  JOHN  BLAU 

In  a  move  to  attract  a  larger  number  of  customers  from  rival  Oracle, 
SAP  AG  is  extending  its  Safe  Passage  program  to  include  small  and  mid¬ 
size  businesses  worldwide. 

SAP  and  its  channel  partners  for  mySAP  All-in-One  will  collaborate 
to  provide  SMBs  running  PeopleSoft  and  J.D.  Edwards  software  sys¬ 
tems  protection  for  these  existing  investments,  while  offering  a  migra¬ 
tion  path  to  the  nearly  600  mySAP  All-in-One  applications,  SAP  said 
last  week. 

PeopleSoft,  which  acquired  J.D.  Edwards  in  2003,  was  purchased  one 
year  later  by  Oracle.  SAP  has  been  courting  PeopleSoft  and  J.D.  Edwards 
customers  since  Oracle  announced  its  acquisition  plans. 

The  new  SMB  program  provides  a  conversion  credit  of  up  to  75%  of 
the  original  PeopleSoft  and  J.D.  Edwards  software  licensing  fees  to  be 
used  toward  the  licensing  of  mySAP  All-in-One  software  products.  The 
offer  is  valid  for  all  versions  and  releases  of  PeopleSoft  and  J.D.  Edwards 
applications.  Support  and  maintenance  of  the  software  will  be  provided 
through  mySAP  All-in-One  partners. 

The  Safe  Passage  program,  launched  in  January  initially  targeted  SAP 
customers  who  also  ran  applications  from  either  or  both  of  these  soft¬ 
ware  vendors.  Around  2,000  SAP  customers  fit  into  this  target  group. 

Blau  is  a  correspondent  with  the  IDG  News  Service. 
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DB2  WONT  ABANDON  YOU. 

Perhaps  you’ve  heard:  Oracle  desupported  Oracle 
Database  8i  last  year.  Meaning  potential  headaches, 
higher  cost  or  a  complete  migration  to  current  versions 
of  Oracle.  Fortunately,  IBM  offers  ongoing,  around-the- 
clock  service  and  support  for  DB2. 

But  that’s  not  all.  A  Solitaire  study  has  found  that,  on 
average,  Oracle  Database  requires  25%  more  time  to 
manage  than  DB2.1  That’s  big. 

And  an  ITG  study  showed  overall  costs  for  Oracle  Database 
up  to  four  times  higher  than  DB2.2  The  Transaction  Process¬ 
ing  Performance  Council  results  show  that  DB2  and 
eServer’"  p5-595  are  more  than  twice  as  scalable  as  Oracle 
Real  Application  Clusters,  making  them  the  overwhelming 
performance  and  scalability  leader  for  TPC-C!  That’s  big,  too. 


No  wonder  DB2  is  regarded  as  the  leading  database  built 
on  and  optimized  for  Linux?  UNIX'5  and  Windows!  Like 
other  IBM  database  engine  products  such  as  Informix® 
and  C!oudscape7  DB2  is  part  of  an  innovative  family  of 
information  management  middleware  that  integrates,  and 
can  actually  add  insight  to  your  data. 

It’s  also  built  to  take  full  advantage  of  your  existing 
heterogeneous  and  open  environments,  and  is  built  to 
enable  true  grid  computing. 

Why  not  move  up  to  middleware  that  makes  sense?  Now 
you  can  get  IBM  DB2  Universal  Database  or  Informix 
by  taking  advantage  of  our  extremely  compelling  trade- 
up  program.  Visit  ibm.com/db2/swap  today  to  find  out  if 
you  qualify. 
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IBM.  the  IBM  logo.  DB2.  eServer,  Informix,  Cloudscape  and  the  On  Demand  logo  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United 
States  and  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other 
countries.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks 
of  others.  <9  2005  IBM  Corporation.  All  rights  reserved.  ’“DB2  Performance  on  IBM  Server*  pSeries  and  xSeries,"  Solitaire  Interglobal  Ltd..  2003:  based  on  Oracle  Database  9i.  :“IBM 
Solutions  for  PeopleSoft  Deployment  in  Mid-sized  Businesses  Quantifying  the  New  Cost/Benefit  Equation."  July  2003,  International  Technology  Group,  Los  Altos,  California  'All  referenced 
results  are  current  as  of  12/14/04.  DB2  UDB  v8.2  on  IBM  eServer  p5  595  (64-way  POWER5  1.9  GHz)  and  AIX  5.3L:  3,210.540  tpmC  @  S5.19/1pmC  available:  May  15,  2005,  vs.  Oracle 
RAC  lOg  on  HP  Integrity  rx5670  Cluster  64P  (16  x  4-way  Intel  Itanium2  6M  1.5GHz):  1,184,893  tpmC  @  S5.52/tpmC  available:  April  30,  2004;  TPC  Benchmark,  TPC-C,  tpmC  are 
trademarks  of  the  Transaction  Processing  Performance  Council.  For  further  TPC-related  information,  please  see  http://www.tpc.org/ 
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Roller  coaster 

continued  from  page  1 

Cedar  Point  Amusement  Park  in 
Sandusky,  Ohio,  is  worlds  apart 
from  the  brain-dead  roller  coast¬ 
ers  of  old  that  relied  on  a  greasy 
chain  to  clunk  the  car  up  a 
wooden  hill. The  Dragster’s  oper¬ 
ators  employ  an  array  of  mod¬ 
ern  technology  to  create  an 
experience  for  riders  that  is  the 
rough  equivalent  of  being 
launched  from  an  aircraft  carrier 
deck,  where  jets  accelerate  from 
0  to  165  mph  in  about  3  sec¬ 
onds. 

Inner-workings 

For  starters,  the  Dragster  is 
wired  with  560,000  feet  of  cop¬ 
per  cable  to  carry  back  perfor¬ 
mance  data  from  300  redundant 
pairs  of  sensors  located  through¬ 
out  the  track  and  engine  room. 
The  majority  of  the  sensors  are 
proximity  switches  that  can  mea¬ 
sure  the  movement  of  the  metal 
coaster  car  over  the  track.  There 

I  got  to  find  out 
what  it  feels  like 
to  be  a  human 
cannonball,  ora 
Navy  pilot,  without 
the  cannon,  gun 
powder,  helmet  or 
parachute. 

are  also  thermal  temperature 
and  pneumatic  sensors.  If  any 
one  of  the  sensor  pairs  fails  to 
match  the  readout  of  the  other, 
the  Dragster  is  shut  down  for  a 
safety  check. 

But  the  data  aren’t  just  col¬ 
lected  for  safety.  They  also  help 
produce  the  perfect  ride  on 
every  launch. The  parameters 
within  which  the  Dragster  has 
to  operate  are  so  finely  tuned 
that  variable  load  weights  from 
people,  wind  speed  and  out¬ 
side  temperature  affect  its 
performance. 

So  data  ranging  from  the 
velocity  of  the  roller  coaster 
car  at  the  top  of  the  tower  to 
wind  speed  and  direction 
(taken  from  an  anemometer 
atop  the  tower)  are  collected 
on  every  ride  and  analyzed 
using  proprietary  software 
developed  for  Cedar  Point.  After 
every  third  launch,  the  data  are 
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averaged  and  compared  with 
historic  launch  data  in  an  effort 
to  create  that  perfect  ride  — 
the  roller  coaster  must  go  fast 
enough  to  clear  the  top  of  the 
tower,  but  slow  to  between  7 
and  15  mph  in  order  to  give  rid¬ 
ers  the  maximum  lift  effect  at 
the  top. 

Based  on  the  comparison  of 
current  and  historical  data,  the 
Dragster  corrects  itself  by 
adjusting  the  pressure  of  the 
engine  and  other  parameters  to 
produce  as  near  perfect  a  ride 
as  possible  every  time. 

To  create  the  Dragster,  Monty 
Jasper,  an  engineer,  roller  coaster 
lover  and,  oh  yeah,  a  vice  presi¬ 
dent  of  Cedar  Fair,  L.P  (Cedar 
Point’s  parent)  teamed  up  about 
five  years  ago  with  Intamin  AG,  a 
Swiss  company  that  is  one  of  the 
top  roller  coaster  designers  in 
the  world. 

The  quest  was  to  build  a 
roller  coaster  that  would  top 
400  feet  for  the  first  time,  a  feat 
some  thought  impossible. 
Jasper  had  just  eclipsed  the  lat¬ 
est  world’s  record  by  building  a 
“giga-coaster,”  called  the 
Millenium  Force,  which  broke 
the  300-foot  barrier.  But  was  it 
really  possible  to  pull  off  a  400- 
foot-high  roller  coaster  in  an 
area  small  enough  and  with 
technology  affordable  enough 
for  an  amusement  park? 

Luckily  for  all  roller  coaster 
fans,  the  answer  was  yes.  Price 
tag:  $25  million. 

Jasper  and  Intamin  decided 
to  use  a  hydraulic  engine, 
which  can  achieve  higher 
speeds  than  linear  induction 
motors  (superconducting  mag¬ 
nets),  the  propulsion  system 
that  many  steel  roller  coasters 
started  using  in  the  late  ’90s, 
according  to  Jasper. That  means 
the  roller  coaster  would  require 
less  track,  and  thus,  less  space 
and  expense.  But  this  wouldn’t 
be  just  any  engine;  the  Dragster 
would  require  a  10,000-horse¬ 
power  unit  (a  real  drag  racer 
has  a  6,500-horsepower 
engine). 

Even  with  all  that  muscle,  the 
cars  on  the  Dragster  sometimes 
fall  below  the  minimum  speed 
needed,  and  drop  backwards 
down  the  same  42-story  building 
and  safely  back  into  the  station, 
where  they  are  stopped  by  a 
long  row  of  heavy-duty  magnetic 
brakes.  If  this  happens,  the  oper¬ 
ators  give  chickens,  uh, “tired”  rid¬ 
ers,  the  chance  to  get  off. 


Point  Amusement  Park  s  Top  Thrill  Dragster  roller  coaster 
tops  out  at  a  height  of  420  feet  and  a  speed  of  120  mph.  The  ride, 
located  in  Sandusky,  Ohio,  is  wired  with  560,000  feet  of  copper  cables 
to  carry  back  performance  data  from  300  redundant  pairs  of  sensors 
located  throughout  the  track  and  engine  room. 
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Ready  for  takeoff 

OK,  so  the  technology  is  inter¬ 
esting,  but  what’s  it  like  to  ride 
the  Dragster?  That’s  what  I  was 
wondering  the  first  time  I 
stepped  into  the  front  car  and 
sat  there  with  sweaty  palms,  wait¬ 
ing  for  what  seemed  like  an  eter¬ 
nity,  for  the  launch.  Because  the 
process  of  pressurizing  the 
engine  and  checking  the  safety 
sensors  takes  about  40  to  50  sec¬ 
onds,  the  Dragster  makes  you 
wait  for  the  thrill.  Riders  were 
loaded  simultaneously  into  two 
trains  while  the  operators  made 
sure  the  train  just  launched 
cleared  the  top  of  the  tower.  That 
means  you  sit  with  adrenaline 
pumping  and  heart  racing  for 
around  a  minute  before  the 
launch  —  about  three  times  as 
long  as  the  22-second  ride. 

I  had  ridden  great  roller  coast¬ 
ers  before.Superman:The  Escape 
at  Six  Flags  Magic  Mountain  in 
Valencia,  Calif.,  accelerates  from 
0  to  100  mph  in  7  seconds,  before 
turning  90  degrees  up  a  tower, 
producing  about  6  seconds  of 
micro-gravity  before  dropping 
the  car  backwards  to  earth.  So 
what  if  the  Dragster  accelerates 
twice  as  fast? 

I  was  turning  all  this  over  in  my 
mind  when  the  car  finally  rolled 
into  the  launch  position  to  await 
a  series  of  lights  on  the  gigantic 
tower  in  front  of  me  to  count 
down  red, yellow  green. ...  I  didn’t 


realize  the  first  time  I  rode  it  (yes 
yes,  I  went  back)  that  the  telltale 
moment  is  a  slight  rollback  of  the 
train. That’s  when  the  catchcar  (a 
locking  device  —  a  strong  one  I 
was  hoping),  attaches  a  1-inch 
diameter  launch  cable  that  tows 
the  one-ton  car  262  feet  down  the 
track,  where  the  car  will  hit  120 
mph  before  the  cable  releases 
and  the  car  is  launched  forward 
to  “coast”  up  the  tower. 

Sound  effects 

At  rollback,  the  operators  turned 
on  the  sound  effects  —  the  blar¬ 
ing  sound  of  a  racing  engine 
shortly  followed  by  the  screech¬ 
ing  of  tires  as  a  jolt  rocks  you  back 
hard  against  the  seat  and  a  blast 
of  air  hits  you  in  the  face. 

Most  of  the  fools  who  had 
been  holding  their  hands  above 
their  heads  firmly  clutched  the 
lap-restraint  bar.  I  had  just 
enough  time  to  think  to  myself, 
“Gee  that  really  wasn’t  so  bad,” 
when  2  seconds  later,  the  catch- 
car  stopped,  and  the  car  was 
detached  and  catapulted  for¬ 
ward  off  the  cable,  producing  a 
second,  harder  kick.  We  were 
about  to  make  the  90-degree 
turn  to  race  up  the  side  of  the 
425-foot  tower  in  front  of  me. 

At  the  top,  the  car  was  suspend¬ 
ed  just  long  enough  for  riders  to 
experience  a  Wile  E.  Coyote 
moment  just  before  the  .  .  .  90- 
degree  drop. 


At  this  point  the  front  of  the  car 
was  tucked  under  our  chins.  Just 
a  few  feet  down,  we  entered  the 
270-degree  corkscrew,  which  was 
a  bit  like  going  through  the  vor¬ 
tex  of  a  tornado,  and  the  train 
was  positioned  upright  again  to 
enter  the  station. 

The  only  disappointment  was 
that  the  ride  is  so  fast  your  brain 
struggles  to  process  the  experi¬ 
ence  in  real  time.  So  there  was 
only  one  thing  to  do:  I  took  the 
ride  again  and  again.  It  got  bet¬ 
ter  every  time,  and  unlike  some 
roller  coasters,  I  can’t  imagine 
that  a  ride  on  the  Dragster  will 
seem  boring. 

After  all,  1  got  to  find  out  what 
it  feels  like  to  be  a  human  can¬ 
nonball,  or  a  Navy  pilot,  without 
the  cannon,  gunpowder,  helmet 
or  parachute. 

Taff-Rice  is  a  technology  writer 
and  attorney  in  the  San  Francisco 
Bay  area.  She  can  be  reached  at 
anitataffrice@earthlink.  net. 
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Short  Takes 


■  Ping  Identity  last  week  opened 
the  beta  program  for  the  next  ver¬ 
sion  of  its  PfngFederate  server, 
which  includes  support  for  the 
newest  standard  identity  protocols. 
The  server's  highlight  is  support  for 
the  Security  Assertion  Markup 
Language  2.0.  The  protocol,  which 
was  developed  by  the  Organization 
for  the  Advancement  of  Structured 
Information  Standards  is  seen  as  a 
technological  leap  over  earlier  ver¬ 
sions  of  the  protocol.  General  avail¬ 
ability  of  the  PingFederate  Server 
with  SAML  2.0  support  is  due  in 
October. 

■  CyberGuard  recently  announced 
Webwasher  Content  Security 
Management  Suite  5,2,  an 

upgrade  to  its  URL  and  content-fil¬ 
tering  software  that  runs  on  Win¬ 
dows,  Linux  or  Solaris,  as  well  as 
proxies  that  include  Microsoft  ISA 
Server.  CSM  5.2,  which  costs  be¬ 
tween  $20  and  $30  per  user,  includes 
a  way  to  run  three  anti-virus  engines 
—  McAfee,  Computer  Associates 
and  Sophos  —  in  parallel. 

■  Trend  Micro  unveiled  Trend 
Micro  IM  Security  for  Microsoft 
Office  Live  Communication  Server 
along  with  new  versions  of  its  e-mail 
security  product  ScanMail  for  both 
Microsoft  Exchange  and  Lotus 
Domino  as  well  as  an  upgrade  to  its 
Portal  Protect  for  Microsoft’s 
SharePoint  collaboration  platform. 
Trend's  security  product  for  Micro¬ 
soft's  Live  Communication  Server 
instant  messaging  platform  helps 
prevent  worms  such  Bropia,  Kelvir 
and  Fatso  from  using  IM  as  a  propa¬ 
gation  method.  Trend's  updated 
ScanMail  platforms  add  optional 
anti-spam  and  content  filtering 
technology  for  Exchange  and  Lotus 
Domino.  The  new  IM  security  prod¬ 
uct  is  priced  at  $14.98  per  user  for  a 
501-user  license.  Also  for  a  501-user 
license,  ScanMail  is  priced  at  $19.20 
per  user  for  Exchange  and  $21.20 
per  user  for  Domino.  The  updated 
Portal  Protect  is  priced  at  $17.92 
per  user. 


Wireless  growth  strategy 

Privately  held  Moseley  grows  wireless  offerings  through  shrewd  purchases. 


Profile:  Moseley  Associates 


Location:  Santa  Barbara,  Calif. 

CEO: 

Jamal  Hamdani;  led  a  management  buyout  to  acquire  Moseley  in  1992.  Previously  held 
management  jobs  with  General  Research,  the  BBC  and  Philips  Research  Laboratories.  Named 
^‘Entrepreneur  of  the  Year"  in  technology  in  2002  by  Ernst  &  Young. 

Business: 

Broadband  wireless  products  over  a  broad  range  of  spectrum  for  the  industrial,  carrier, 
and  broadcast  TV  and  radio  markets;  recently  acquired  bankrupt  Proxim  for  $21  million  for 
its  wireless  LAN  and  carrier  product  lines. 

Employees: 

More  than  300,  with  100  of  them  engineers. 

Finances: 

The  privately  held  company  says  2004  revenues  were  more  than  $90  million,  and  that  it 
remains  profitable. 

Fun  fact: 

Hamdani  has  lived  or  worked  on  four  continents:  Asia,  Africa,  Europe  and  North  America. 

BY  JOHN  COX 

Proxim,  a  pioneer  in  wireless  LANs,  has 
become  the  latest  acquisition  by  a  compa¬ 
ny  that  plans  to  become  the  “GE  of  wire¬ 
less”  —  a  diversified  global  conglomerate 
with  an  array  of  wireless  products. 

The  buyer  of  Proxim’s  assets  is  Moseley 
Associates,  a  quiet,  lean,  privately  held  com¬ 
pany  Far  from  being  a  household  name, 
Moseley  nevertheless  has  everything  that 
Proxim  lacks:  growth,  profitability  and  most 
of  all,  a  business  strategy  that’s  working. 

The  company  says  it  had  fiscal  2004  rev¬ 
enue  of  more  than  $90  million,  and  $20  mil¬ 
lion  in  earnings  before  interest,  taxes, 
depreciation  and  amortization  (EBITDA). 
EBITDA  is  taken  as  a  rough  measure  of 
profitability,  but  it  ignores  such  expenses  as 
debt  payments  and  capital  expenditures. 
Proxim’s  revenue  should  boost  Moseley  to 
close  to  $200  million. 

Proxim  last  month  declared  bankruptcy 
and  agreed  to  sell  its  assets  to  Moseley  for 
$21  million. 

Moseley’s  strategy  is  the  brainchild  of  its 
president  and  CEO,  Jamal  Hamdani,  who 
led  a  management  buyout  in  1996.  From 
the  outset,  his  plan  was  to  transform 
Moseley  into  a  diversified  wireless  compa¬ 
ny  from  its  origins  as  a  supplier  of  digital 
wireless  links  for  broadcasters. 


“We  don’t  believe  it’s  good  to  be  a  one- 
trick  pony’ Hamdani  says.'Think  of  [us]  as  a 
car  with  many  cylinders:  If  we  can  get  even 
just  a  few  of  them  firing,  we’re  in  good 
shape.” 

Before  buying  Proxim,  Moseley  acquired 
three  other  companies,  which  are  run  as 
wholly  owned  subsidiaries:  Microwave 
Data,  bought  in  2000,  offers  a  range  of  fixed 
and  mobile  wireless  products  for  industrial 
applications.  Axxcelera  Broadband,  bought 
in  2001,  has  a  line  of  broadband  wireless 
data  networking  products.lt  will  bring  out  a 
WiMAX  802.16  product  later  this  year. 
CarrierComm,  snapped  up  in  2002,  offers 


point-to-point  wireless  voice  and  data  trans¬ 
mission  products  for  the  carrier  market. 

To  this  portfolio,  Proxim  will  add  corpo¬ 
rate  and  hot  spot  WLAN  products,  and  its 
Tsunami  point-to-point  and  point-to-multi- 
point  broadband  offerings,  widely  used  by 
cellular  carriers  to  connect  base  stations 
with  wired  networks. 

Hamdani  declines  to  use  the  word  “un¬ 
successful”  to  describe  Proxim’s  efforts,  fol¬ 
lowing  a  merger  with  Western  Digital  in 
2002,  to  offer  a  range  of  fixed  broadband 
and  WLAN  equipment. 

“Being  a  public  company  creates 
See  Moseley,  page  18 


Tacit  gear  optimizes  WAN  traffic 


BY  TIM  GREENE 

Tacit  Networks  is  upgrading  its  WAN  opti¬ 
mization  gear  to  perform  better  for  compa¬ 
nies  that  want  to  support  wide-area  file  ser¬ 
vices  to  data  centers. 

Tacit’s  I-Shared  devices  sit  at  either  end 
of  wide-area  connections,  streamlining 
transfer  of  data  and  caching  files  to 
reduce  the  number  of  times  information 
has  to  cross  the  WAN  from  remote  offices. 
As  businesses  consolidate  server  farms  to 
save  on  hardware  and  maintenance  costs, 
WAFS  is  becoming  more  important  so 
end  users  at  remote  sites  don’t  suffer  intol¬ 
erable  delays  because  of  constraints  of 
WAN  connections. 

One  upgrade  Tacit  has  in  the  works  will 
improve  local  caching  so  that  if  the  WAN 
link  goes  down,  remote  users  can  access 


files  that  have  already  been  cached  on 
their  end. 

Through  the  cache,  customers  also  will 
be  able  to  modify  them  and  create  new 
files.  When  the  downed  links  come  back 
up,  I-Shared  boxes  will  re-synchronize  the 
files  with  the  server  where  the  files  per¬ 
manently  reside. 

The  I-Shared  devices  can  store  100G  to 
700G  bytes  of  data,  depending  on  the 
model.  When  the  disks  fill  up,  the  devices 
purge  those  least  used. 

This  upcoming  feature  is  of  interest  to 
the  World  Bank  Group  because  it  would 
help  keep  staff  working  during  what 
would  otherwise  be  downtime,  says 
Nasir  Alizadeh,  principal  information 
officer  at  the  bank.  Even  without  the 
upgraded  caching,  performance  on  aT-1 


link  between  Washington,  D.C.,  and 
Chennai,  India,  improved  with  a  Tacit 
box  on  either  end,  at  least  cutting  trans¬ 
fer  times  in  half,  he  says.  In  some  cases, 
transfer  times  dropped  from  hours  to 
minutes,  he  says. 

Caching  available  on  the  Tacit  gear  now 
requires  “lots  of  administration  work”  to 
let  local  users  access  the  cache  and  to  re¬ 
sync  later,  Alizadeh  says.  Connecting  the 
offices  is  important  enough  that  many  of 
the  bank’s  107  sites  have  redundant  WAN 
links  to  improve  uptime,  he  says. 

This  Disconnected  Operations  mode 
also  resolves  any  conflicts  that  might  arise 
during  an  outage.  For  example,  if  users  at 
different  sites  create  new  files  with  the 
same  name  while  they  are  disconnected 

See  Tacit  page  18 
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IBM  offers  digital  certificates  to  banks 


BY  CHINA  MARTENS 

IBM  last  week  announced  it  is  hoping  to 
encourage  banks  to  make  more  use  of  dig¬ 
ital  certificates  through  a  tie-up  with  trusted 
identity  company  Identrus. 

Identrus  has  certified  Version  1.5  and 
higher  of  IBM’s  z/OS  mainframe  operating 
system  so  that  users  of  the  software  can  act 
as  their  own  digital  certificate  authorities, 
eliminating  potentially  costly  middleman 
certifiers. 

The  deal  draws  on  previously  unexploit¬ 
ed  embedded  public-key  infrastructure 
(PKI)  capabilities  of  IBM’s  z/OS  software. 
IBM  first  included  PKI  in  Release  1.3  of 
z/OS  in  March  2002,  but  last  week’s  an¬ 
nouncement  marks  the  first  time  the  oper¬ 
ating  system  has  received  the  seal  of 
approval  of  a  certification  authority. 

“Setting  up  PKI  infrastructure  is  nontriv¬ 


ial,”  says  June  Felix,  general  manager  of  IBM 
Global  Banking. 

“We  heard  our  clients  say  that  it’s  impor¬ 
tant  to  make  PKI  as  easy  and  as  pervasive 
as  possible,”  she  says. 

Crucial  security 

Enabling  the  secure  transfer  of  financial 
information  is  becoming  more  crucial  as 
the  number  of  hacker  attacks  increases,  she 
adds. 

In  addition  to  using  digital  certificates  to 
verify  partners’  identities,  some  financial 
institutions  are  employing  the  technology 
internally  as  a  way  to  confirm  that  they  are 
communicating  with  what  they  believe  are 
parts  of  their  own  networks,  Felix  says. 

Charles  King,  principal  analyst  with  Pund- 
IT  Research,  sees  IBM’s  relationship  with 
Identrus  as  a  way  for  Big  Blue  to  drum  up 


more  business  in  the  banking  arena. 

“IBM’s  mainframe  solutions  own  about 
two-thirds  of  the  financial  institutions” with 
its  eServer  zSeries  mainframes  running 
z/OS,  he  says.“This  is  a  nice  enhancement 
allowing  IBM  to  go  to  the  one-third  [of 
banks]  it  doesn’t  work  with  to  offer  them 
an  operating  system-based  feature  that 
obviates  the  need  to  work  with  third-party 
groups.” 

Identrus  was  established  in  1999  by  a 
group  of  global  banks,  including  Citibank, 
Wells  Fargo  and  the  Royal  Bank  of  Scotland. 

The  privately  held  company  has  more 
than  60  banks  acting  as  Identrus  Certificate 
Authorities,  facilitating  millions  of  transac¬ 
tions  in  more  than  166  countries. 

Smaller  bank  interest 

While  these  Identrus  members  have  tend¬ 


ed  to  be  the  largest  worldwide  financial 
institutions,  Felix  expects  an  increasing 
number  of  smaller  banks  to  also  deploy  PKI 
and  digital  certificates.  She  pointed  to  the 
Swift  network,  which  over  the  next  three 
years  is  adopting  PKI  as  a  common  proto¬ 
col  to  be  embedded  into  the  systems  of  the 
7,000  banks  it  supplies  with  software. 

IBM’s  news  builds  on  earlier  mainframe 
security  announcements  from  the  compa¬ 
ny  with  more  to  come  this  summer,  most 
likely  in  relation  to  identity  and  fraud  man¬ 
agement,  Felix  says. 

The  company  also  hopes  to  transition  the 
technology  to  non-financial  users,  notably 
pharmaceutical  and  biotech  companies, 
Felix  adds. 

Martens  is  a  correspondent  with  the  IDG 
News  Service. 


Tacit  upgrades  cache 


Tacit  Networks  will  add  new  caching  features  to  its  l-Shared  appliances  so 
branch-office  workers  can  keep  working  on  centrally  located  files  when  the 
WAN  fails. 

Headquarters 


l-Shared  device  locally  caches  all 
files  recently  accessed  from 
servers  at  headquarters. 
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WAN  link  breaks  but  branch 
workers  continue  working  with 
cached  files  and  create  new  ones 
that  are  also  cached. 


Servers 


When  link  is  restored,  local  and  headquarters 
l-Shared  devices  re-sync  files,  including  those 
created  remotely  during  the  outage. 


Moseley 

continued  from  page  17 

numerous  pressures,”  he  says.“It’s  difficult 
to  move  quickly  in  such  a  fishbowl.  [As  a 
public  company]  you  have  to  present  a 
particular  view  to  the  world,  and  spend 
time  making  sure  that  comes  true.” 

But  Proxim,  which  also  acquired  the 
Orinoco  WLAN  prod¬ 
uct  line  from  Agere 
Systems,  also  was 
unable  to  execute  a 
successful  enterprise 
WLAN  strategy 

Its  presence  in  that 
segment  steadily  de¬ 
creased,  and  Proxim 
consistently  lost  mar¬ 
ket  share. 

Hamdani  says  another  pressure  was 
caused  by  last  year’s  court  decision  that 
levied  $26  million  in  damages  and  interest 
judgment  against  Proxim  in  favor  of  arch¬ 
rival  Symbol  Technologies. 

Symbol  had  said  that  Proxim  owed  royal¬ 
ties  on  products  sold  using  technology 
patented  by  Symbol. 

Those  pressures,  at  least,  won’t  exist  with 
Proxim  operating  as  a  Moseley  subsidiary 
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according  to  Hamdani.  Proxim’s  previous 
rounds  of  layoffs  have  already  “right-sized” 
the  company  which  still  has  more  than  200 
employees. 

Furthermore,  Proxim  won’t  have  the  costs 
of  being  a  public  company  or  the  large 
sums  it  had  been  paying  out  in  real  estate 
leases  and  the  royalty  payments  to  Symbol. 

“Take  out  all  that  burden,  and  Proxim  is  a 
very  viable  company?’ 
Hamdani  says. 

For  Proxim  cus¬ 
tomers  and  partners, 
“it  will  be  business  as 
usual,”  Hamdani  says. 
He  pledges  full  sup¬ 
port  for  the  various 
product  lines. 

An  unburdened 
Proxim  will  find  new 
purpose  within  Moseley’s  corporate  cul¬ 
ture,  and  new  power  in  being  able  to  exe¬ 
cute  its  business  plan,  Hamdani  says. 

He  cites  “three  pillars”  that  support 
Moseley:  innovative  management  of  tech¬ 
nology,  a  deep  understanding  of  customer 
needs  and, “in  my  opinion  the  most  impor¬ 
tant,”  compassion. 

It  all  sounds  rather  like  a  New  Age 
Harvard  Business  Review  story,  but 
Hamdani  speaks  with  quiet  conviction. 

Innovative  management  of  technology 
means  having  smart  people  who  can 
understand  a  rapidly  changing  technical 
environment  and  keep  pace  with  it. 

To  be  successful,  this  understanding 
has  to  be  wedded  to  an  equally  thor¬ 
ough  understanding  of  what  customers 
need. 

But  after  all  of  this,  he  says, “if  there’s  a  cer¬ 
tain  harshness  in  you,  if  there’s  no  caring, 
you  won’t  get  anywhere.”  Managers  have  to 
understand  what  is  important  to  employ¬ 
ees,  customers  and  business  partners.  ■ 


Tacit 

continued  from  page  17 

from  the  server,  the  Tacit  gear  will  recognize 
the  problem  and  store  them  under  differ¬ 
ent  names,  the  company  says. 

Tacit  says  it  also  will  accelerate  TCP  be¬ 
tween  its  boxes.  The  upgrade  will  improve 
performance  of  TCP  traffic  by  making  the 
protocol  restart  faster  after  packet  loss  or 
congestion  throttles  it  back. 

Tacit  faces  competition  from  Cisco  and 
its  File  Engine  gear, as  well  as  Juniper,  which 
bought  Feribit’s  WAN  optimization  technol¬ 
ogy  earlier  this  year.  Generalized  WAN  opti¬ 
mization  companies  such  as  Riverbed, 
Swan  Labs,  Expand  Networks  and  Racket¬ 
eer  all  have  WAFS-specific  products  or  plan 
them. 

Tacit  says  by  next  year  it  will  integrate 


with  umbrella  management  platform  such 
as  IBM’s  Tivoli  and  Microsoft’s  System 
Management  Server  to  provide  discovery, 
inventory  distribution,  reporting  and  re¬ 
mote  features  for  managing  servers  and 
desktops 

This  will  enable  centralized  rather  than 
box-by-box  management  of  large  deploy¬ 
ments  of  Tacit  boxes. 

As  the  upgrades  to  the  Tacit  software  roll 
out  over  the  next  year,  they  will  be  included 
with  purchases  made  by  new  customers 
and  will  be  software  revisions  for  current 
customers. 

I-Shared  appliances  are  priced  based  on 
user  licenses  and  cache  size.  An  I-Shared 
with  a  lOOG-byte  cache  ranges  from  $7,500 
for  10  users  to  $37,500  for  300  users.  A  300G- 
byte  cache  costs  $5,000  extra,  and  a  70QG- 
byte  cache  costs  $10,000  extra.  ■ 


“Think  of  [us]  as  a  car 
with  many  cylinders:  If 
we  get  even  a  few  of 
them  firing,  we’re  in 
good  shape.” 

Jamal  Hamdani,  president  and  CEO, 
Moseley  Associates 
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Proventia  ESP  (Enterprise  Security  Platform)  from  ISS  stops  Internet  threats  before  they  impact  your  network.  With  intrusion  prevention  and  vulnerability 
assessment  products  and  services,  Proventia  ESP  gives  you  centralized  control  and  enables  network  uptime.  Only  ISS  keeps  you  ahead  of  the  threat  with 
preemptive  protection  to  suit  your  needs.  Download  a  free  white  paper  at  www.iss.net/ESP/network,  or  call  1-800-776-2362. 
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tScaler  makes 

9  ■  i  ■ 


jn  up  to 


for  anyone,  anywhere. 


Every  day,  leading  Global  2000  enterprises, 
including  the  five  largest  e-businesses  in  the 
world,  rely  on  NetScaler  to  dramatically  accel¬ 
erate  application  performance.  All  without 
adding  servers,  bandwidth,  or  consultants. 
Perhaps  that’s  why 
NetScaler  is  rated  #1 
in  customer  satisfac¬ 
tion  among  Layer  4-7 
networking  vendors. 

See  what  NetScaler 

* Percent  of  customers  who  gave 
can  do  for  you  at  vendor  5-out-of-5  rating  for 

overall  customer  satisfaction. 
WWW.netsealer. com/1 5x  Frost  &  Sullivan,  May  2005. 


#1  in  Customer  Satisfaction* 

mm 

76° 

Q "B  - 

NetScaler  Cisco  F5 

'  2005  NetScaler,  Inc.  All  trademarks  are  the  properties  of  their  respective  owners 
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ENTERPRISE  COMPUTING 

■  WINDOW^IILINU)^l^^^^riSTORAG^!BGRID/UTlUT^iMOBIL£cOMPlJTTNG^^^^^^^^^^^^^ 


The  ABC  s  of  AMD  vs.  Intel 


BY  JENNIFER  MEARS 

Advanced  Micro  Devices,  the  underdog  in  the  explo¬ 
sive  x86  processor  market,  is  taking  its  giant  rival 
Intel  to  court.  In  a  complaint  it  filed  late  last  month, 
AMD  claims  that  Intel  has  used  illegal  tactics, 
including  threats,  coercion  and  monetary  incentives, 
to  keep  systems  vendors  from  embracing  AMD's 
competing  product.  “AMD's  market  share  has  not 
kept  pace  with  its  technical  leadership.  Intel’s  mis¬ 
conduct  is  the  reason,” AMD  claims  in  the  48-page 
complaint  it  filed  in  U.S.  District  Court  in  Delaware 
June  27. AMD  is  demanding  a  trial  and  aims  to  get 
the  case  in  front  of  a  jury  by  the  end  of  next  year.  We 
spoke  with  industry  and  legal  experts  to  get  more 
detail  on  some  key  issues: 

Why  is  AMD  suing  Intel? 

While  AMD  has  stepped  up  innovation  with  its  32764- 
bit  Opteron  processor  and  its  Athlon  64  chip  for  desk¬ 
tops,  it  continues  to  hold  just  a  slice  of  the  x86  processor 
market.  Meanwhile,  Intel’s  sales  accounted  for  90%  of  the 
revenue  in  the  $5.8  billion  market  in  the  first  quarter, 
according  to  IDC.  AMD  says  Intel  has  used  this  maiket 
dominance  to  limit  competition  —  and  thus  stifle  inno¬ 
vation  and  ultimately  hurt  the  consumer  with  higher 
prices  and  lack  of  choice.  In  its  complaint,  AMD  lists  38 
companies  that  it  says  have  been  economically  coerced 


by  Intel  to  avoid  —  or  limit  their  purchase  of  —  AMD’s 
products.  In  the  case  of  Dell,  the  only  Tier  1  systems  ven¬ 
dor  not  to  carry  AMD-based  products,  for  example,  the 
complaint  states, “In  discussions  about  buying  from  AMD, 
Dell  executives  have  frankly  conceded  that  they  must 
financially  account  for  Intel  retribution  in  negotiating 
pricing  from  AMD.” 

Why  is  AMD  suing  now? 

This  is  not  the  first  time  AMD  has  taken  legal  action 
against  Intel.  In  fact, AMD  filed  a  similar  complaint  in 
1991. That  case  was  resolved  as  part  of  a  global  settle¬ 
ment  of  all  outstanding  litigation  between  the  two  in 
1995.This  time,  however, some  industry  experts  say  AMD 
might  have  stronger  footing.  While  the  chip  maker  was 
clearly  the  underdog  in  the  mid-1990s,  its  success  with 
its  32-/64-bit  Opteron  chip  and  Athlon  64  processor,  as 
well  as  its  dual  core  technology,  make  AMD  a  more  for¬ 
midable  competitor.  In  addition,  the  ruling  in  March  by 
the  Japanese  Fair  Trade  Commission  finding  Intel’s  con¬ 
duct  there  anticompetitive  might  give  AMD’s  claims 
more  weight  in  the  U.S. 

What  could  the  outcome  of  the  case  mean  to  network  and  IT 
professionals? 

Industry  experts  caution  that  it  could  be  quite  a 
while  before  an  outcome  is  reached. When  it  is,  it’s 
unclear  exactly  how  it  will  impact  end  users.  If  AMD 
wins  its  case,  then  it  will  be  good  news  for  technology 
buyers.  AMD  claims  that  Intel’s  discounting  practices 


and  sweetheart  deals  are  hampering  competition  and 
putting  products  on  the  market  at  higher,  monopoly 
prices.  An  AMD  victory  would  mean  more  freedom  of 
choice,  likely  driving  down  prices.  On  the  other  hand, 
some  industry  observers  note  that  Intel  might  argue 
that  its  processors  running  Windows  have  been  the 
very  reason  why  PCs  and  servers  have  been  commodi¬ 
tized:  Since  vendors  are  offering  very  similar  products, 
they  must  differentiate  themselves  on  price. 

What  could  the  outcome  mean  for  PC  and  server  makers? 

If  it’s  found  that  Intel  has  been  engaging  in  illegal 
practices,  it  could  mean  the  end  to  the  sweetheart 
deals  for  Intel  customers. That  would  be  bad  news,  at 
least  in  the  short  term,  for  OEM  bottom  lines.  But  AMD 
says  that  over  the  long  term,  its  victory  would  restore  a 
true  competitive  marketplace,  which  would  drive  down 
microprocessor  prices. 

How  difficult  will  it  be  for  AMD  to  prove  its  claims? 

The  bulk  of  AMD’s  evidence  has  to  do  with  Intel’s  deal¬ 
ing  with  third  parties.  As  a  result,  AMD  will  have  to  identi¬ 
fy  through  the  court’s  discovery  process  the  people  who 
dealt  with  Intel,  take  depositions  and  get  documents 
illustrating  the  anticompetitive  behavior.  AMD  has  little 
control  over  what  such  witnesses  will  say  But  AMD  has 
already  scored  a  victory  in  this  area.  Last  week,  AMD  said 
that  the  U.S.  district  court  had  granted  its  request  for  doc¬ 
uments  from  nearly  three  dozen  computer  companies 
be  preserved  for  use  as  evidence  in  its  case.  ■ 


WIRED  WINDOWS 

Dave  Kearns 


There’s  been  a  lot  written  about 
Microsoft’s  recently  announced  plan  to 
bundle  RSS  tools  into  the  next  release  of 
Windows  (that  is,  Longhorn)  as  well  as  into 
Internet  Explorer  7,  which  will  run  on 
Windows  XP  but  probably  be  released  until 
Longhorn  ships. 

RSS  was  originally  said  to  be  an  abbrevia¬ 
tion  for“Real  Simple  Syndication”and  it  has 
a  fascinating  history.  See  www.network 
world.com,  DocFmder.  7937  for  the  story 
which  only  includes  developments 
through  2002  and  doesn’t  even  mention 


Taking  RSS  up  a  notch 


Atom  (DocFmder:  7938), the  latest  incarna¬ 
tion  of  a  syndication  protocol  adopted  by 
among  others,  Google  for  its  Blogger.com 
site. 

What  RSS  and  Atom  do  is  allow  syndica¬ 
tion  of  XML-enabled  data.  You  use  what’s 
called  a  news  “aggregator”  to  subscribe  to 
and  periodically  poll  RSS  sites  for  new  sto¬ 
ries.  It’s  a  great  way  to  keep  up  with  blogs, 
but  it’s  also  useful  to  keep  abreast  of  tech¬ 
nical  information,  such  as  Novell’s  Tech¬ 
nical  Information  Document  database 
(DocFmder.  7939).  Vendors  could  use  it  to 
keep  you  informed  about  fixes,  patches  and 
updates. 

It’s  not  new  and  it’s  not  rocket  science.You 
can  do  it  today  on  any  platform.  There  are 
stand-alone  aggregators,  e-mail  client  plug¬ 
ins,  Web  browser  plug-ins  and  tool  kits  so 


you  can  roll  your  own.  For  Microsoft  to  roll 
it  into  the  operating  system  is  no  more  rev¬ 
olutionary  than  including  a  Web  browser  or 
an  e-mail  client  —  something  they’ve  done 
for  many  years. 

There  also  seems  to  be  a  lot  of  noise  (pri¬ 
marily  generated  by  the  Gartner  Group) 
claiming  that  adding  RSS  will  open  up 
many  new  security  holes  in  Windows.  Of 
course,  they  also  include  “spam”  when  they 
talk  about  security, so  I’m  not  sure  they  real¬ 
ly  know  what  they’re  about.  Yes,  you  could 
get  spam  in  an  RSS  feed,  but  only  if  it  were 
posted  to  a  site  you  subscribe  to.  It’s  that 
site,  not  the  RSS,  which  needs  to  be 
secured. 

As  for  allowing  new  malware  to  enter 
your  computer,  an  RSS  feed  is  just  a  stream 
of  XML  data  —  like  all  Microsoft  Office  doc¬ 


uments  will  be  starting  with  the  next 
release. 

Either  it’s  the  silly  season  or  there  hasn’t 
been  enough  bad  news  lately! 

Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 


■  I  saw  a  preview  of  Microsoft's  new  Virtual 
Earth  last  week,  the  latest  product  to  come 
from  its  MapPoint  division  (DocFmder:  7940). 
This  is  going  to  be  really  neat! 
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APPLICATION  SERVICES 

■  CRM  ■  MESSAGING/COLLABORATION  ■  WEB  SERVICES  H  ERP  ■  E-COM  M  NETWORK  AND  SYSTEMS  MANAGEMENT 


Short  Takes 


■  Oracle  has  reached  a  deal  to 
acquire  privately  held  ProfitLogic,  a 
developer  of  software  for  the  retail 
industry.  Financial  terms  of  the  deal 
were  not  disclosed.  The  acquisition 
comes  on  the  heels  of  Oracle's  April 
purchase  of  retail  ERP  software 
maker  Retek.  ProfitLogic’s  software 
analyzes  factors  such  as  inventory, 
pricing  and  promotions  to  help  retail¬ 
ers  optimize  their  financial  strategies. 
Its  customers  include  Sears,  Roebuck 
&  Co.,  Bloomingdale's  Inc.,  J.  C. 

Penney  and  Burlington  Coat  Factory. 
Pending  regulatory  approvals,  Oracle 
expects  the  deal  to  close  by  the  end 
of  the  month. 

■  NLayers  this  week  will  update  its 
flagship  product  to  support  passive 
and  active  monitoring.  InSight  4.0  is 
a  network-attached  appliance  that 
sniffs  packets,  discovers  application 
conversations  and  builds  a  topology 
model  displaying  application  depen¬ 
dencies  among  servers,  end  users 
and  network  devices.  The  new  add-on 
module  lets  customers  selectively 
drill  down  to  get  more  data  from  spe¬ 
cific  servers  and  the  applications  run¬ 
ning  on  them.  NLayers  InSight  starts 
at  $95,000.  The  Active  Discovery 
Module  starts  at  $50,000.  Both  prices 
scale  up  based  on  the  number  of 
servers  and  nodes.  Version  4.0  will  be 
in  limited  availability  starting  this 
week  and  then  generally  available  in 
early  August. 

■  Privately  held  Concerto  Soft¬ 
ware  is  to  acquire  Aspect  Com¬ 
munications  in  a  deal  valued  at  $1 
billion  that  could  create  the  world’s 
largest  call  center  products  and  ser¬ 
vices  company,  the  companies 
announced  last  week.  The  duo  hope 
the  tie-up  will  better  position  them  to 
expand  their  presence  in  countries 
where  call  centers  are  rapidly  grow¬ 
ing,  notably  Latin  America,  India,  the 
Philippines  and  China.  Concerto  spe¬ 
cializes  in  outbound  dialing  and  uni¬ 
fied  call  center  software,  while 
Aspect  focuses  on  call  center  work¬ 
force  management  application  and 
performance  analytics. 


Lotus  overhauls  Notes  client 


BY  JOHN  FONTANA 

Even  though  Notes/Domino  7.0  isn’t  due 
for  the  next  few  months,  IBM/Lotus  has 
uncharacteristically  put  in  motion  its  next 
significant  platform  overhaul  that  will  fully 
merge  the  traditional  Notes  client  with  new 
Java-based  technology 

The  intent  is  to  give  users  a  single  client 
that  can  access  messaging  features,  Notes 
applications  and  non-Notes  applications 
running  on  IBM’s  middleware. 

Last  month,  the  company  showed  off  that 
client,  code-named  Hannover,  which  is  slat¬ 
ed  to  go  into  beta  early  next  year. 

The  client,  once  tagged  with  the  name 
Notes  8.0,  is  the  culmination  of  two  years  of 
work  to  integrate  the  Notes  client  with 
IBM’s  Java-based  Workplace  Client  Technol¬ 
ogy  (WCT),  a  “rich  client”  framework  that 
includes  a  small  database,  a  run-time  envi¬ 
ronment  and  a  synchronization  technolo¬ 
gy  that  supports  clients  and  middleware 
servers  sharing  application  processing 
chores. 

Hannover  will  not  only  expand  tradition¬ 
al  messaging  centric  concepts  such  as  the 
in-box,  calendaring  and  scheduling,  but 
also  will  be  but  one  component  running 
inside  the  WCT  framework  supporting  both 
traditional  Notes  applications,  new  era 
composite  applications  and  combinations 
of  both. 

“Hannover  is  not  an  incremental  upgrade 
of  Notes,”  says  Ken  Bisconti,  vice  president 
of  Workplace,  portal  and  collaboration  for 
IBM/Lotus.  “This  is  a  considerably  acceler¬ 
ated  investment  in  Notes.  We  now  see  how 
we  will  technically  implement,  in  the  future 
for  Lotus  Notes  users,  the  potential  value  of 
the  Workplace  Client  Technology  and  other 
recent  innovations.” 

Transitional  moment 

For  Notes/Domino  users,  Hannover  repre¬ 
sents  the  start  of  what  will  be  a  transition  to 
IBM’s  WCT  as  a  front  end  for  either  Domino 
or  Workplace,  a  Java  2  Platform  Enterprise 
Edition  (J2EE)-based  component  platform 
that  marries  the  rich  client  with  WebSphere 
application  server,  Workplace  components 
such  as  Workplace  Messaging,  and  the  DB2 
database. 

The  middleware  backbone  is  what  com¬ 
panies  can  use  to  deploy  Web  services  and 
build  service-oriented  architectures. 

“Whether  you  want  it  or  not,  you  are  get¬ 
ting  Workplace  Client  Technology  says  Matt 


New  look 

IBM/Lotus  plans  to  introduce  a  new  Notes  client  in  late  2006  or  early  2007  that 
supports  what  it  calls  "activity-centric"  computing,  which  is  the  ability  to  organize 
data  from  various  sources  around  specific  tasks. 


The  Activities  tab  opens  an  interface  where  information  is  grouped  by  tasks.  (The  number  on  the  tab  refers  to 
unread  entries.) 


An  "activity"  can  contain  various  documents,  including  calendar  entries,  e-mails,  online  workspace  information  and 
chat  threads. 


Cain,  an  analyst  with  Gartner.There  is  noth¬ 
ing  forcing  you  to  use  WCT  components  if 
you  are  just  going  to  run  it  against  a 
Domino  back  end.”  Cain  says  users  with 
Workplace  or  J2EE  servers  on  the  back  end 
will  have  multiple  options  for  using 
Hannover. 

“Clearly  with  Hannover,  what  we  see  is 
IBM  on  the  front  end  blending  in  its  Work¬ 
place  Client  Technology  and  therefore 
kick-starting  longer  term  migrations  to 
Workplace  services  on  the  back  end,”  Cain 
says. 

Cain  says  in  the  short  term  the  question  is 
how  much  of  the  new  Hannover  feature  set 
will  be  available  to  those  running  only 
Domino. 

“At  this  point  that  is  an  unknown. If  it  takes 
the  addition  of  a  Workplace  server  on  the 
back  end  to  expose  new  feature  sets  in  the 


Notes  client  component  of  Hannover  then 
obviously  that  is  a  more  substantial  under¬ 
taking  for  Domino  shops  because  it  essen¬ 
tially  forces  them  into  Workplace,”  he  says. 

IBM/Lotus  says  Hannover  has  plenty  for 
Notes  users,  including  the  new  “activity-cen¬ 
tric  computing,”  which  is  the  process  of  or¬ 
ganizing  data  from  various  sources  around 
specific  tasks,  such  as  a  sales  project,  as 
opposed  to  searching  for  that  data  within 
various  silos  such  as  calendars,  in-boxes  or 
discussion  threads. 

Final  manifestation 

It  is  IBM/Lotus’  final  manifestation  of  what 
it  and  rival  Microsoft  refer  to  as  “contextual 
collaboration,”  which  allows  users  to  stay  in 
one  interface  while  accessing  multiple 
application  services. 


See  Lotus,  page  24 
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A  meaningless  win? 


NET  INSIDER 

Scott  Bradner 


Early  in  the  morning  of  July  4, 
NASA  purposefully  crashed  an 
820-pound  chunk  of  metal  into  a 
comet  at  about  23,000  mph.The 
flight  of  the  Deep  Impact  probe, 
which  started  in  early  January  as 
the  third  part  of  a  billion-dollar 
mission,  was  designed  to  see  what 
makes  up  a  comet. 

Just  a  week  earlier,  the  Supreme 
Court  had  a  chance  to  strike  the 
recording  industry  hard  enough 
to  see  what  it  is  made  of,  but 
struck  a  glancing  blow  instead. 
Maybe,  over  the  next  few  years,  its 
Grokster  decision  will  be  seen  as 
a  meaningless  cul-de-sac. 


The  Grokster  saga  has  taken  a 
lot  longer  than  the  Deep  Impact 
mission  and  is  not  yet  over.  In  May 
2003,  I  wrote  about  the  original 
summary  judgment  that  said 
Grokster  was  not  liable  for  copy¬ 
right  violations  (www.  network 
world.com,  DocFinder:  7930), 
then  again  about  a  year  later 
when  an  Appeals  Court  upheld 
the  original  decision  (DocFinder: 
7931). 

Now  the  Supreme  Court  has 
spoken  a  non-final  word  (Doc¬ 
Finder:  7932),  deciding  that  Grok¬ 
ster  could  be  liable  for  the  copy¬ 
right  violations  of  its  users.That  is, 
if  Grokster  distributed  software 
“with  the  object  of  promoting  its 
use  to  infringe  copyright,  as 
shown  by  clear  expression  or 
other  affirmative  steps  taken  to 
foster  infringement,  going  beyond 
mere  distribution  with  knowledge 
of  third-party  action.” 


The  Court  found  enough  evi¬ 
dence  of  fostering  infringement  to 
overturn  the  original  summary 
judgment  and  send  the  case  back 
for  a  trial  on  the  merits. 

1  had  hoped  that  the  court 
would  uphold  the  original  judg¬ 
ment.  Not  because  I’m  anti  copy¬ 
right:  as  an  author  and  a  longtime 
observer  of  tensions  over  copy¬ 
right  in  the  Internet  age  (see  Doc 
Finder:  7933),  I  support  the  origi¬ 
nal  purpose  of  copyright  as  artic¬ 
ulated  in  Section  8,  Clause  8  of  the 
U.S.  Constitution  (DocFinder: 
7934). 

I  am  not  a  supporter  of  the  end¬ 
less  extensions  of  copyright  that 
have  been  a  feature  of  our  gov¬ 
ernment  for  the  lobbyists  for  far 
too  long.  Nor  am  I  a  supporter  of 
the  entertainment  industry’s 
myopic  focus  on  shooting  mes¬ 
sengers  rather  than  developing 
new  messages.  I  was  hoping  the 


Supreme  Court  would  strike  a 
blow  to  the  entertainment  indus¬ 
try  that  would  have  forced  it  to 
wake  up  and  actually  do  some 
thinking  about  ways  to  provide 
services  to  its  customers  —  not 
just  serve  papers  on  them. 

But  the  court  decision  might 
be  as  meaningless  as  Hilary 
Rosen,  former  head  of  the 
Recording  Industry  Association 
of  America,  asserts  it  will  in  an 
interview  published  in  The  New 
York  Times  on  July  4. 

The  decision,  and  the  forth¬ 
coming  court  case  (assuming 
Grokster  does  not  just  fold  its 
tent  and  fade  away,  leaving  its 
software  alive,  spreading  and 
likely  unstoppable),  are  far  from 
the  last  words  on  this  topic.  The 
lawsuits  against  new  technology 
will  continue,  at  least  until  some 
clarity  is  developed  over  what 
steps  constitute  fostering 


infringement.  The  sharing  tech¬ 
nology  will  also  continue,  and  if 
the  next  developer  very  carefully 
does  nothing  overt  to  promote 
illegal  sharing,  the  software  will 
not  violate  the  Supreme  Court’s 
guidelines. 

The  legal  playground  might  also 
change  significantly.  Marybeth 
Peters,  the  U.S.  Register  of  Copy¬ 
rights,  has  proposed  significant 
changes  to  basic  copyright  law 
(DocFinder:  7935).  Maybe  we  will 
get  a  Deep  Impact  on  the  indus¬ 
try  after  all. 

Disclaimer:  Harvard  was  in¬ 
volved  in  Deep  Impact  (Doc 
Finder:  7936),  but  I  know  of  no 
university  opinion  on  the  impact 
of  the  Grokster  decision. 

Bradner  is  a  consultant  with 
Harvard  University’s  University  In¬ 
formation  Systems.  He  can  he 
reached  at  sob@sobcom.com. 


Microsoft's  CRM  package 
targets  small  businesses 


Lotus 

continued  from  page  23 

IBM/Lotus  is  focusing  those  innovations 
in  four  distinct  areas:  improvements  in 
e-mail  calendar  and  the  addition  of  pres¬ 
ence  technology  to  contact  management; 
introduction  of  activity-centric  comput¬ 
ing;  extending  the  application  qualities  of 
the  Notes  platform  to  support  composite 
applications  based  on  open  standards; 
and  delivering  it  all  in  a  managed  envi¬ 
ronment  that  companies  can  tailor  to  suit 
their  business. 

The  activity-centric  computing  is  perhaps 
the  biggest  change.  It  allows  users  to  orga¬ 
nize  data  from  multiple  sources  into  a  sin¬ 
gle  project  or  activity  For  example,  a  user 
could  collect  e-mail  threads,  chat  logs,  doc¬ 
uments  and  online  workspace  data  into  an 
activity  and  invite  users  to  share  that  infor¬ 
mation  or  subsets  of  that  information.  An 
“Activity”  tab  within  the  client  allows  users 
to  look  at  those  activities  in  a  single  pane. 

There  might  be  that  value,  but  accord¬ 
ing  to  experts  it  is  no  coincidence  that  the 
introduction  of  Hannover  and  its  pro¬ 
posed  ship  date,  in  late  2006  or  early  2007, 
coincides  with  Microsoft’s  planned  re¬ 
lease  of  Office  12  and  Longhorn  client, 
which  is  a  cornerstone  for  real-time  col¬ 
laboration  services,  component-based 
application  delivery  and  support  for  con¬ 
textual  collaboration. 

“Microsoft  is  continuing  a  strategy  of 
putting  more  client  interfaces  in  front  of 
their  end  users,”  Bisconti  says.  “We  don’t 
think  this  is  the  method  of  achieving  pro¬ 
ductivity  gains  and  improving  the  way  peo¬ 
ple  work.” 


Road  to  Hannover 

Despite  having  yet  to  release  Version 
7.0  of  its  Notes  client,  IBM/Lotus  is 
already  talking  about  the  next  version 
of  the  client,  code-named  Hannover, 
which  will  integrate  the  software  with 
IBM/Lotus'  Java-based  Workplace 
ClientTechnology. 


Timeline 

Client  version 

January-Mareh 

2005 

Notes/Domino  7.0  Beta  3, 
Notes  6.0.5,  Notes  6.5.4 

Juiy-Sepfember 

2005 

Support  ends  for  Notes  5.0, 
Notes/Domino  7.0. 

January-Jtme 

2006 

First  Hannover  preview  at 
Lotusphere. 

First  public  beta  of  Hannover, 

October  2006- 
Juihs  2007 

Notes  Hannover. 

So  while  Hannover  represents  a  major 
investment  for  IBM/Lotus  to  update  and 
upgrade  its  Notes  client,  it  also  signals  a 
new  round  in  its  battle  with  Microsoft,  one 
which  started  over  messaging  servers  but 
now  includes  the  fight  to  provide  a  power¬ 
ful  client  to  support  serviceoriented  com¬ 
puting  environments. 

“The  way  we  look  at  the  world  of  trying  to 
improve  information  work  is  that  it  starts 
with  the  people.  We  start  where  they  work 
and  with  the  way  that  they  work,”  says  Dan 
Leach,  group  product  manager  for  Office. 
“It’s  the  ability  to  use  whatever  client  you 
use  and  have  a  rich  capability  to  tie  into 
back-end  services.  We  are  confident  going 
into  this  next  round.  It’s  an  opportunity  for 
us  to  talk  to  Lotus  customers.”* 


BY  PETER  SAYER 

Microsoft  will  release  a  new  version  of 
its  CRM  software  around  year-end.  With 
the  new  version  will  come  a  special  edi¬ 
tion  for  small  businesses,  a  subscription- 
based  license  for  hosting  services,  and 
support  for  more  languages,  including 
Chinese  and  Arabic. 

The  software  will  come  with  two  new 
modules:  one  to  automate  the  manage¬ 
ment  of  direct  marketing  campaigns;  and 
one  to  manage  complex  personnel  and 
resource  scheduling  requests,  the  com¬ 
pany  says.The  new  version  is  a  great  leap 
forward  in  at  least  one  other  respect,  as 
the  company  is  moving  directly  from 
Version  1.2  and  numbering  the  new 
Version  3.0. 

One  treat,  coming  up 

The  new  version  includes  a  treat  for 
reseller  partners:  Microsoft  says  it  will 
reduce  the  time  and  effort  required  to 
create  tailored  versions  of  the  software 
for  vertical  markets,  or  to  integrate  it 
with  other  applications.  Partners  will  be 
able  to  obtain  the  necessary  software 
development  kit  for  CRM  3.0  through  the 
Microsoft  Developer  Network  later  this 
year. 

Customers  will  be  able  to  buy  and  run 
the  CRM  3.0  tool  in  two  ways:  either  as  a 
packaged  product  they  run  themselves, 


or  as  a  hosted  service  they  pay  for 
through  the  new  subscription-based 
license.  They’ll  be  able  to  change  their 
minds  later,  too,  as  the  code  for  the  host¬ 
ed  and  on-site  versions  will  be  the  same 
—  only  the  license  will  change,  Microsoft 
says. 

The  company  hopes  small  businesses 
using  Windows  Small  Business  Server 
2003  Premium  Edition  with  Office 
Outlook  2003  and  Business  Contact 
Manager  will  upgrade  to  CRM  3.0  Small 
Business  Edition  (SBE).This  will  add  the 
new  features  of  the  CRM  suite  while 
retaining  the  look  and  feel  of  the 
Outlook  e-mail  and  workflow  client,  the 
company  says.  It  will  announce  pricing 
for  CRM  3.0  SBE  nearer  to  the  launch 
date. 

Microsoft  will  release  CRM  3.0  to  cur¬ 
rent  users  in  the  fourth  quarter,  and  sell  it 
to  new  customers  in  the  first  quarter  of 
next  year,  it  said.  The  new  version  will 
add  support  for  seven  new  languages, 
bringing  the  number  supported  to  23. 

Also  last  week,  Microsoft  reiterated  that 
it  plans  to  ship  its  SQL  Server  2005, Visual 
Studio  2005  and  BizTalk  Server  2006 
products  on  Nov.  7,  with  launch  events 
planned  in  50  countries. 

Sayer  is  a  correspondent  with  the  IDG 
News  Service. 
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SQL  Server  2000  on  Windows  Server  2003  experienced  144  fewer  seem  t , 
vulnerabilities  versus  Oracle  10  g  on  Red  Hat  Enterprise  Linux  3.0.  To  see  oil  the  best 
results  or  to  find  a  Microsoft  certified  partner  go  to  niicrosoft.com/sql 


SQL  Server  2000  beats  Oracle  lOg 
on  security  vulnerabilities. 
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SERVICE  PROVIDERS 

■  THE  INTERNETI^HIsilINTEREXCHANGES  AND  LOCA^ARmERSI^JviRE^S^^^EGU^TORY  AFFAIRS  B  CARRIER  INFRASTRUCTURE 


EYE  ON  THE  CARRIER 

Johna  Till  Johnson 


As  Mark  Twain  famously  said,  there  are 
three  kinds  of  lies:  lies,  damned  lies  and  sta¬ 
tistics.  Want  proof?  Check  out  the  federal 
appropriations  bill  for  funding  the  National 
Science  Foundation  in  2006.  The  adminis¬ 
tration  proudly  boasts  a  roughly  2% 
increase  in  NSF  funding,  which  rises  by 
$128  million  to  $5.6  billion  (see  www.net 
workworld.com,  DocFmder:  7941). 

In  a  year  of  burgeoning  deficits  and  dra¬ 
matic  belt-tightening,  that  sounds  pretty 
good,  at  least  compared  with  last  year,  when 
the  administration  actually  cut  the  NSFs 
budget  by  $100  million.  But  check  out  the 
fine  print.  Of  the  proposed  $132  million 
increase,  just  $113  million  is  earmarked  for 
research  and  related  activities  (R&RA)  — 
the  “meat  and  potatoes”  budget  from  which 
the  NSF  pays  researchers.  Moreover,  nearly 
$50  million  of  this  so-called  R&RA  increase 
is  accomplished  by  asking  the  NSF  to 
assume  operations  and  maintenance  of  the 


Short  Takes 


■  CenturyTel,  a  competitive  local 
exchange  carrier,  has  announced 
that  it  has  completed  its  $65  million 
acquisition  of  KMC  Telecom  Hold¬ 
ings.  With  the  purchase,  CenturyTel, 
which  offers  business  and  residen¬ 
tial  services  in  mostly  rural  areas  of 
the  U.S.,  is  expanding  service  in  11 
states:  Alabama,  Indiana,  Kansas, 
Louisiana,  Michigan,  Minnesota, 
Mississippi,  Ohio,  Tennessee, Texas 
and  Wisconsin,  adding  to  Century- 
Tel's  26-state  geographic  reach. 

■  A  study  released  last  week  by 
instant  messaging  security  vendor 
IMIogic  reported  hackers  and  virus 
writers  are  recognizing  and  exploiting 
opportunities  presented  by  IM-based 
attacks,  which  have  risen  sharply 
over  the  last  two  quarters.  The  num¬ 
ber  of  IM  attacks  has  increased  from 
20  for  all  of  2004  to  571  in  the  second 
quarter  of  2005  alone. 


Why  government  R&D  matters 


polar  ice-breaking  fleet  (previously  han¬ 
dled  by  the  Coast  Guard). 

Setting  aside  the  amusing  image  of  lab- 
coated  scientists  piloting  ice-breaking  ves¬ 
sels  (and  where  do  I  apply  for  that  job,  any¬ 
way?),  that  leaves  just  a  $65  million  increase 
for  true  research  —  not  enough  to  bring 
research  expenditures  back  up  to  2004  lev¬ 
els,  let  alone  increase  them.  And  it’s 
nowhere  near  the  proposed  $8.5  billion 
investment  for  the  NSF  authorized  in 
December  2002  (but  never  instantiated). 

Why  should  you  care? 

Two  reasons.  First,  the  evidence  is  in: 
Research  in  science  and  technology 
demonstrably  pays  off  big-time  in  terms  of 
economic  growth  and  prosperity  A  recent 
study  created  for  the  U.S.  Small  Business 
Administration  cites  quantitative  data 
showing  that  university  research  directly 
leads  to  the  creation  of  new  businesses 


(DocFmder:  7942). The  report’s  key  finding: 
“Research  universities  and  investment  in 
R&D  are  major  factors  contributing  to  eco¬ 
nomic  growth.” 

Second,  the  NSF  in  particular  has  a  pretty 
good  track  record  when  it  comes  to  driving 
technology  innovation.  Let’s  not  forget  how 
the  Internet  ratcheted  into  high  gear  once 
the  NSF  took  over  its  operations  in  1986. 1 
was  using  it  for  particle  physics  research  at 
the  time,  and  I  distinctly  remember  the 
improvement. 

Moreover,  the  NSF  is  remarkably  efficient: 
More  than  95%  of  its  budget  supports  actual 
research,  with  only  5%  going  to  overhead. 
Few  privately  operated  charities  can  say  the 
same. 

And  failing  to  make  this  investment  car¬ 
ries  its  own  risks,  in  the  form  of  reduced 
innovation,  lowered  competitiveness  and 
diminished  prosperity  As  Newt  Gingrich  put 


it  in  May  2002:  “The  danger  from  under- 
investing  in  science  . . .  [is]  greater  than  the 
danger  of  any  conceivable  conventional 
war? 

So  here’s  the  deal.  If  you  agree  with  me 
please  do  more  than  drop  me  an  e-mail  — 
send  letters,  and  make  phone  calls,  to  your 
elected  representatives.  The  Senate  is  cur¬ 
rently  reviewing  the  2006  budget  for  final 
approval;  there’s  not  much  chance  of  signif¬ 
icant  changes  at  this  late  date,  particularly 
given  the  imminent  summer  recess.  But 
when  Congress  returns  in  September,  tech¬ 
nology  investment  for  2007  and  beyond 
should  be  front  and  center  on  the  agenda. 

Our  future  depends  on  it. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


WilTel  CEO  talks  strategy 


A  leading  wholesale  provider  of  telecom 
services,  WilTel  Communications  has 
been  pursuing  the  enterprise  market 
directly  as  a  next-generation  ISP  for  the 
last  two  years.  Network  World  Senior 
Editor  Carolyn  Duffy  Marsan  spoke 
recently  with  WilTel  CEO  Jeff  Storey 
about  the  company's  enterprise  strategy  and  its  critical 
but  changing  relationship  with  SBC  Here  are  excerpts 
from  their  conversation: 


What  success  has  WilTel  had  in  its  push  into  the  enterprise  market9 

We  target  the  type  of  customers  that  need  a  wide-area  net¬ 
working  specialist  that  will  engineer  a  solution  specifically  to 
meet  their  needs. They  need  capabilities  that  other  carriers 
can’t  bring.They  need  access  to  people  and  resources  that 
other  carriers  won’t  bring. ...  We  have  Lava  Trading,  a  firm 
that  handles  20%  to  25%  of  all  the  trades  on  Nasdaq. That’s 
certainly  a  company  where  the  network  is  a  key,  critical  com¬ 
ponent  of  the  business  that  they  operate.  Another  recent  win 
is  ING,a  large  insurance  company  where  data  is  absolutely 
critical  to  their  success. 

We  have  all  the  capabilities  to  support  enterprise  customers 
very  successfully.  We’re  good  on  the  data  side,  with  MPLS,  pri¬ 
vate-line  and  IP  services. 


We  had  a  great  voice  business  on  the  wholesale  side,  sup¬ 
porting  5  billion  minutes  per  month.  Now  we’re  offering 
voice  services  to  both  our  government  and  enterprise  cus- 
tomers.Vonage  is  one  of  our  largest  voice  customers. ...  We 
don’t  release  numbers  about  our  growth  in  enterprise  sales, 
but  our  revenues  are  continually  going  up.  And  with  only 
2,000  employees,  we  have  a  cost  structure  that’s  remarkable. 

This  year,  WilTel  announced  Ethernet  and  storage  services  for  the 
enterprise  market,  as  well  as  new  voice  services.  Can  you  explain 
the  significance  of  these  in  terms  of  building  WilTers  share  of  the 
enterprise  market9 

Storage-area  networking  is  very  important.  Our  Vyvx  sub¬ 
sidiary  is  the  leader  in  the  transmission  of  broadcast-quality 
video  over  fiber  for  the  media  and  entertainment  business. 
We  want  to  be  the  Vyvx  of  storage-area  networking.  Ethernet 
—  both  managed  and  unmanaged  —  is  just  the  way  the  world 
is  going. Voice  services  are  part  of  the  portfolio  that  an  enter¬ 
prise  wants  to  buy  These  services  fill  out  our  portfolio  so  enter¬ 
prises  can  do  one-stop  shopping. 

What  other  enterprise  services  does  WilTel  have  planned  for  2005? 

We’re  going  to  continue  to  grow  our  IP  VPN  services.  We’re 
going  to  continue  to  expand  on  storage-area  networking  and 
Ethernet  products.  And  we’re  going  to  focus  very  specifically 
on  professional  services  and  managed  services  for  our  cus- 

See  WilTel,  page  29 
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MSSPs: 

MARKET  CALLED  MATURING 


Users  bank  on  managed  security  services 


Security  services  gaining  steam 

U.S.  spending  expected  to  grow  almost  20%  annually  over  next  five  years. 
Users  (in  billions) 


2004  2005  2006 


BY  DENISE  PAPPALARDO 

ore  enterprise  business  cus¬ 
tomers  are  turning  to  managed 
security  service  providers  to  help 
them  cope  with  the  complexities 
of  network  security,  especially  when  it 
comes  to  intrusion  prevention. 

MSSP  offerings  are  expected  to  generate 
about  $1  billion  in  spending  this  year,  says 
Allan  Carey  a  program  manager  for  busi¬ 
ness  and  continuity  services  at  IDC.The  $1 
billion  is  part  of  an  overall  security  services 
spending  projection,  which  includes  con¬ 
sulting,  training,  implementation  and  MSSP 
costs,  of  about  S7.4  billion  for  2005. 

Security  audits  and  regulatory  compli¬ 
ance  are  just  two  of  the  reasons  organiza¬ 
tions  are  more  interested  in  MSSP  offerings, 
says  Kelly  Kavanagh,  an  analyst  at  Gartner. 
MSSP  services  can  help  with  audit  compli¬ 
ance  through  documented  monitoring, 
reporting  and  remediation,  he  says. 

Users  have  become  more  willing  to  out¬ 
source  their  security  needs  to  a  third  party 
“Over  the  past  couple  of  years  enterprise 
customers  have  become  more  comfortable 
with  the  level  of  maturity  in  the  MSSP  mar¬ 
ket,”  Carey  says. 

Many  organizations  also  don’t  have  the 
capital  to  deploy  the  hardware  and  soft¬ 
ware  necessary  to  support  their  own  intru¬ 
sion  detection,  intrusion  prevention,  anti¬ 
distributed  denial  of  service  or  other  secu¬ 
rity  services,  he  says. 

Compliance  was  one  of  the  key  reasons 
why  Boiling  Springs  Savings  Bank  switched 
to  MSSP  Perimeter  Internetworking,  which 
specializes  in  offering  managed  security 
services  to  small  banks. 

Boiling  Springs  is  a  $1.1  billion  thrift  with 
14  locations  in  northeastern  New  Jersey 
that  uses  Perimeter’s  intrusion-detection 
services,  says  Kenneth  Emerson,  director  of 
strategic  planning  and  CIO.  Emerson  says 
he  sold  the  board  of  directors  on  Peri¬ 
meter’s  services  by  explaining  that  they  are 
essentially  an  “insurance  policy  against  lost 
customer  confidence.” 

About  three  years  ago  Boiling  Springs 
turned  to  Perimeter  to  shore  up  the  bank’s 
security  support.  Emerson  says  he  had  an 
ISP  that  knew  security  but  didn’t  have  a  Level 
II  Statement  on  Auditing  Standard  (SAS) 
review.  This  is  a  specialized  audit  that  verifies 
a  company’s  operational  and  internal  con¬ 
trols  over  processing  user  transactions. 

“It’s  up  to  me  to  engage  a  firm  that  has  a 
SAS  70.  If  they  don’t,  then  it’s  up  to  me  to 
have  one  done. They’re  expensive  —  about 


SOURCE:  IDC 

$30,000  to  $50,000,”  Emerson  says.  “My  ISP 
said  they  were  looking  into  having  one,  but 
I  needed  something  more  proactive.” 

Perimeter  had  the  required  audit. 

Emerson  says  banks  also  are  required  to 
have  annual  penetration  tests,  which  cost 
about  $12,000  to  $15,000.  But  because  he’s 
using  Perimeter’s  intrusion-detection  ser¬ 
vices  and  has  no  outward  facing  hosts  to 
the  Internet,  he’s  covered. 

The  bank  has  a  centralized  network  set¬ 
up  with  all  traffic  coming  through  its  head¬ 
quarters  in  Rutherford.  Boiling  Springs  has 
a  dedicated  frame  relay  connection  to 
Perimeter  from  its  headquarters  and  anoth¬ 
er  to  an  ISP  In  a  hub-and-spoke  architec¬ 
ture,  each  branch  also  has  a  dedicated 
frame  connection  to  Rutherford.There  is  an 
ISDN  backup  at  each  site. 

While  AT&T  provides  the  frame  relay  ser¬ 
vices,  Perimeter  actually  worked  with  the 
carrier  to  have  the  services  deployed  and 
maintained,  which  was  also  an  advantage 
because  it  reduces  finger-pointing,  he  says. 
Emerson  says  Perimeter’s  services  are  ex¬ 
pensive,  but  that  the  bank  saved  money  by 
teaming  with  a  provider  that  had  the  appro¬ 
priate  audits  in  place  and  by  eliminating 
the  need  to  do  penetration  tests. 

Other  users  are  going  with  MSSPs  to  help 
manage  intrusion-prevention  systems. 
Intrusion-prevention  services  add  an  addi- 
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tional  level  of  complexity  analysts  agree,  pri¬ 
marily  because  of  the  high  number  of  false 
positives  they  produce. 

Exchange  Bank,  a  savings  and  loan  with 
20  branches  in  Sonoma  County  and  head¬ 
quarters  in  Santa  Rosa,  Calif.,  was  using 
intrusion-detection  services  from  SBC  be¬ 
fore  the  bank  switched  to  Internet  Security 
Systems  (ISS)  .“Security  was  a  sideline  busi¬ 
ness  for  them  and  they  weren’t  doing  a  very 
good  job,”  says  Bob  Gligorea,  information 
security  officer  at  the  bank. 

“I  would  come  in  in  the  morning  and 
look  at  our  overnight  reports  and  it  would 
scare  the  hell  out  of  me,”  he  says.  “I  would 
call  [SBC’s]  security  network  operations 
center  and  say, ‘Why  didn’t  you  call  me?  Did 
you  block  this  attack?’  And  they  would  say 
they  assumed  I  probably  had  the  patches.” 

“I  don’t  need  a  nice  report  of  all  of  the 
bad  things  that  happened  while  I  was  sleep¬ 
ing.  I  want  my  MSSP  to  actively  protect  our 
network,”  he  says. 

Switching  to  ISS’  managed  intrusion-pre¬ 
vention  and  managed  firewall  services 
about  a  year  ago  provided  that.“Each  morn¬ 
ing  I  get  reports  on  ISS’  portal  on  what 
actions  were  taken  overnight.The  service  is 
constantly  getting  upgraded,  which  saves 
me  so  much  time  vs.  having  to  stay  on  top 
of  security  changes  myself,”  he  says. 

The  bank  hasn’t  been  the  victim  of  many 


attacks,  but  they  do  see  a  lot  of  scans. 

“The  first  time  I  got  a  call  from  ISS  was 
when  we  were  working  on  a  new  Web  trad¬ 
ing  tool  that  ran  a  legitimate  scan  of  our 
network,”  he  says.  They  called  to  see  if  the 
scan  was  malicious,  he  says. 

Exchange  Bank  selected  ISS  primarily 
because  of  its  success  in  detecting  com¬ 
puter  vulnerabilities  and  also  because  it 
has  worldwide  coverage,  he  says. 

Gligorea  says  he  believes  his  network  is 
better  protected  because  ISS  sometimes 
knows  about  vulnerabilities  long  before 
other  security  vendors. 

“We  couldn’t  hire  one  person  for  what  we’re 
paying  on  our  managed  service  contract,” 
Gligorea  says.  The  bank  would  likely  have  to 
hire  nine  people  to  have  24/7  coverage. 

In  addition  to  Perimeter  Internetworking 
and  ISS,  there  are  security  software  and 
hardware  companies  that  offer  managed 
services  such  as  Symantec  and  VeriSign. 
Then  you  have  AT&T,  MCI,  Sprint  and 
Equant,  which  are  telecom  veterans  offer¬ 
ing  managed  security  services,  although 
MCI  now  is  somewhat  different  since  it 
acquired  MSSP  NetSec  earlier  this  year. 

Then  there  are  the  big  IT  services  firms 
such  as  Electronic  Data  Systems,  Computer 
Sciences  Corp.,  SAIC  and  Unisys,  which  all 
have  managed  security  offerings. 

And  the  niche  or  smaller  players  that  only 
offer  managed  security  services  and  some 
only  to  specific  vertical  markets,  including 
Counterpane  Internet  Security,  Perimeter 
Internetworking  and  Lurhq. 

“There  is  no  one  best  firm  for  anyone 
because  each  goes  after  different  areas  and 
customers  with  a  slightly  different  empha¬ 
sis  on  services,”  Gartner’s  Kavanagh  says. 

IDC’s  Carey  expects  more  advanced  ser¬ 
vices  from  the  MSSP  market  in  the  next  18 
months  and  more  industry  consolidation. 

Consolidation  is  one  reason  Gartner 
advises  users  to  select  an  MSSP  carefully 
There  are  three  areas  users  should  consid¬ 
er:  financial  stability  breadth  of  services 
and  Web-based  tools. 

An  MSSP  should  have  a  “run  rate  of  $20 
million”  in  contract  revenue  to  cover  growth, 
according  to  the  analyst  firm.  Users  also 
should  look  for  a  service  provider  that  has  a 
wide  variety  of  security  services,  including 
managed  firewall,  intrusion  detection  and 
prevention,  consulting,  anti-viral,  vulnerabili¬ 
ty  scanning  and  mitigation  services. 

The  provider  should  offer  a  robust  Web- 
portal  and  a  variety  of  reporting  and  moni¬ 
toring  tools,  Gartner  says.  ■ 
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WilTel 

continued  from  page  27 

tomers.  I  think  there’s  an  oppor¬ 
tunity  to  help  clear  up  the  net¬ 
working  confusion  for  our  cus¬ 
tomers.  We’re  also  going  to  ex¬ 
pand  our  voice  products  and 
our  integrated  access. 

How  much  of  WiHel's  enterprise  rev¬ 
enue  is  direct  vs.  through  subcon¬ 
tracting  deals  with  foreign  carriers 
such  as  KDDI? 

It’s  a  mix.  Historically  we’ve  only 
been  in  the  enterprise  market 
through  our  wholesale  arrange¬ 
ments.  There  are  some  wholesale 
customers  that  buy  great  big 
pipes  and  do  finished  services 
on  top. There  are  other  customers 
that  work  with  us.  We  provide  the 
enterprise  services  under  their 
banner  and  their  name.  KDDI 
and  SBC  are  two  of  these.  We’ve 
been  winning  enterprise  cus¬ 
tomers  in  both  ways. 

SBC  is  WiiTel's  largest  customer,  rep¬ 
resenting  70%  of  its  revenues, 
according  to  analysts.  Can  you 
explain  the  significance  of  the  new 
master  services  agreement  WilTel 
recently  signed  with  SBC? 

The  agreement  means  several 
things.  It  is  a  testimony  to  the 
quality  of  the  service  that  we  pro¬ 
vide  that  it  was  important  to  SBC 
to  sign  up  for  a  new  master  ser¬ 
vices  agreement.  With  their  inten¬ 
tion  to  buy  AT&T,  certainly  they’re 
going  to  move  traffic  they  have 
on  our  network  to  AT&T.  This 
agreement  is  intended  to  make 
sure  that  they  provide  the  same 
quality  of  service  to  their  cus¬ 
tomers  [during  the  transition] . 

From  a  stability  standpoint, 
we’ve  been  making  this  transition 
into  the  enterprise  and  govern¬ 
ment  markets  for  the  last  18 
months  to  two  years,  but  it  takes  a 
long  time. The  primary  revenue 
we  get  from  SBC  is  long-distance 
voice.  We’ve  known  for  a  long 
time  that  was  going  to  go  away 
whether  it  was  going  VoIP  or  to 
AT&T.  Our  strategy  has  been  to 
launch  into  these  other  markets 
with  other  products  so  that  as  the 
SBC  business  goes  away  we  can 
continue  to  grow  and  be  healthy 
Before  the  timeline  was  always 
vague. This  [agreement]  puts  clar¬ 


ity  around  the  timeline  because 
this  is  a  five-year  deal. 

Having  this  [agreement]  gives 
us  a  leg  up  on  enterprise  deals. 
We  can  very  clearly  sit  down  with 
customers  and  talk  about  the 
health  of  our  financials.  When 
you  compare  our  cash  growth  to 
any  of  our  competitors,  you  will 


see  that  WilTel  has  outperformed 
everybody  else. 

What's  WiiTel's  strategy  for  surviving 
and  thriving  in  the  midst  of  all  the 
telecom  mergers? 

One  of  the  things  we  have 
learned  that  has  become  part  of 
our  culture  in  the  last  three  years 


is  a  disciplined  financial 
approach. There  are  a  lot  of  com¬ 
panies  out  there  trying  to  grow 
revenue  without  regard  to 
whether  it’s  good  revenue  or  bad 
revenue.  We  pass  on  bad  busi¬ 
ness.  We  focus  very  closely  on 
winning  good  quality  customers. 
We’re  going  to  be  very  aggressive 


at  looking  at  consolidation 
opportunities.  We  want  to  partici¬ 
pate  in  the  consolidation  without 
doing  something  stupid.  We  think 
we’ll  have  the  opportunity  to  roll 
up  a  lot  of  good  providers  or 
good  offerings.  I’m  not  predicting 
anything.  We’re  going  to  be  very 
disciplined  about  it.  ■ 


SHARE  GIGS  OF  CONFIDENTIAL 
INFORMATION  ON  THE  INTERNET 

AND  IT  WONT  BE  CONFIDENTIAL  FOR  LONG. 


More  data  to  manage  typically  means  more  reason  to  worry  about  security 
and  accessibility.  But  with  Ipswitch’s  industry-leading  FTP  solutions,  users 
can  easily  and  fearlessly  transfer  files  without  compromise.  Designed 
specifically  for  small-  and  medium-sized  businesses,  Ipswitch  WS_FTP 
Professional  and  Ipswitch  WS_FTP  Server  feature  easy  set-up  and 
straightforward  data  management.  It’s  data  management  made  simple. 


Ipswitch  WS_FTP  Professional. 
Ipswitch  WS_FTP  Server. 


It  just  works. 
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WS_FTP  is  a  registered  trademark  of  Ipswitch,  Inc  All  other  trademarks  are  the  property  of  their  respective  owners. 


GET  ALL  YOUR  BUSINESS  APPLICATIONS  TO  GO. 


With  GoodLink™  software  on  the  Treo™  smartphone  by  palmOne™  mobile  personnel  can  access 
the  business  information  they  need  where  they  need  it.  From  e-mail  in  the  airport  to  enterprise 
applications  in  a  customer’s  conference  room. 


GoodLink  also  gives  you  Outlooks-like  functions,  such  as  contacts  and  calendar.  Along  with 


an  intuitively  easy  interface,  enterprise-class  security,  and  touchless  IT  administration  that 
keeps  everyone  happy.  In  other  words,  you  can  now  take  and  deliver  the  biggest  order  of  all: 
unprecedented  productivity. 


Get  the  facts  now  with 
a  FREE  mobile  wireless 
information  kit. 

Call  866-7-BE-GOOD  or  visit 
www.good.com/freekit 


©2005  Good  Technology,  Inc.  Good,  Good  Technology,  the  Good  logo,  and  GoodLink  are  trademarks  or  registered  trademarks  of  Good  Technology,  Inc.  All  other  trademarks  are  the 
property  of  their  respective  owners. 
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TECHHOUICY  UPDATE 


Multi-radio  design  boosts  mesh  nets 


HOW  U  WORKS:  Multi-rado  mesh  network 

Multi-radio  mesh  networks  dedicate  radios  for  each  function  in  the  mesh  ■ 
backhaul  ingress,  backhaul  egress  and  client  access. 


802.11b/g  client  radios 
800.11a  ingress  radios 
802.11a  egress  radios 


*0 

Broadband 
termination 
point 


Node  A  Node  B  Node  C 


Q  Node  A's  ingress  radio  receives  traffic  from  all  the  clients  that  are  attached  to  it. 

0  The  traffic  is  immediately  switched  to  Node  A's  egress  mesh  radio  even  before  all  the  packets  have  been 
received.  The  egress  mesh  radio  sends  to  the  next  optimal  node  for  relaying  —  in  this  case,  Node  B. 

El  Node  B's  ingress  mesh  radio  receives  the  incoming  traffic  from  Node  A's  egress  mesh  radio  (and  also  typically 
from  multiple  other  egress  radios  in  other  nodes). 

□  All  Node  B  traffic  (incoming  mesh  and  client  devices'  packets)  is  switched  to  Node  B's  egress  radio.  Node 
B's  egress  radio  transmits  traffic  to  Node  C. 

0  Node  G's  ingress  radio  receives  the  traffic  and  switches  all  traffic  to  the  wired  network. 


BY  CYRUS  IRANI 

A  mesh  wireless  network  node  must  per¬ 
form  three  functions:  serve  client  devices, 
receive  traffic  from  another  mesh  node 
(mesh  ingress)  and  transmit  traffic  to 
another  mesh  node  (mesh  egress).  Single¬ 
radio  nodes  (or  even  dual-radio  nodes,  in 
which  one  radio  is  used  for  client  devices 
and  the  other  for  mesh  backhaul)  pose  per¬ 
formance  problems  and  hinder  scalability 

Multi-radio  mesh  technology  solves  this 
problem  for  large-scale  wireless  deploy¬ 
ments,  particularly  those  in  which  real-time 
applications  require  roaming  voice,  video 
and  data.  Radios  are  dedicated  for  each 
function  in  the  mesh  —  backhaul  ingress, 
backhaul  egress  and  client  access.This  pro¬ 
vides  dedicated  mesh  links  for  backhaul 
traffic  and  client  coverage. 802.1  la  is  gener¬ 
ally  used  for  backhaul  traffic,  and  802. 1  lb/g 
for  client  coverage. 

When  a  single-radio  mesh  is  used  for  both 
incoming  and  outgoing  traffic,  throughput 
is  halved  because  a  radio  cannot  transmit 
and  receive  simultaneously  and  must  swap 
roles.  Another  problem  is  that  every  mesh 
link  must  be  on  the  same  radio  channel. 
That  means  when  one  radio  is  transmitting, 
its  neighbors  must  all  be  in  listening  mode. 
This  problem  is  amplified  across  the  mesh, 
and  after  a  few  hops  the  architecture  is 
slowed  to  the  point  where  it  no  longer  effi¬ 
ciently  supports  voice  or  data. 

However,  a  wireless  multi-radio,  or  struc¬ 
tured,  mesh  approach  offers  several  dedi¬ 
cated-link  interfaces  and  at  least  three 
radios  per  network  node.  Because  each 
radio  performs  only  one  function,  there  is 
no  role  swapping,  eliminating  throughput 


degradation.  Multi-radio  mesh  networks 
allow  for  dedicated  backhaul  links  that  can 
transmit  and  receive  simultaneously  be¬ 
cause  each  link  is  on  a  separate  channel. 

A  typical  mesh  configuration  might  have 
six  or  more  radios  in  a  single  node  that  can 
be  allocated  between  serving  client  de¬ 
vices,  mesh  ingress  and  mesh  egress.  This 
six-radio  wireless  network  node  can  sup¬ 


port  up  to  three  user-access  radio  modules 
in  the  2.4-GHz  or  5-GHz  band  and  up  to 
three  backhaul  radio  modules  in  the  2.4- 
GHz  or  5-GHz  band. 

The  ingress  radio  must  be  designed  to  re¬ 
ceive  associations  from  wireless  clients 
(user  access)  or  other  mesh  nodes  (egress) 
in  separate  radios.  The  egress  radio  must 
create  a  link  to  another  mesh  node  for 


relaying  backhaul  traffic,  based  on  the  best 
possible  path  to  the  wired  network,  or 
broadband  termination  point.  Many  factors 
can  be  optimized  across  the  mesh  links 
with  a  multi-radio  approach,  including 
channel  optimization,  round-trip  delay  sig¬ 
nal  strength  and  packet  routing. 

By  dedicating  radios  to  each  mesh  func¬ 
tion,  structured  multi-radio  mesh  networks 
increase  throughput  and  reduce  latency 
enabling  the  networks  to  accommodate 
voice  applications  and  fast-roaming  hand- 
off,  as  well  as  video  and  other  real-time 
applications.  Multi-radio  mesh  is  designed 
around  Layer  2  switching,  further  reducing 
latency  and  overhead  while  improving 
multi-hop  performance. 

A  structured  multi-radio  wireless  mesh 
network  also  allows  for  the  use  of  multiple, 
separate  sectorized  antennas  that  send  sig¬ 
nals  in  different  directions,  each  on  differ¬ 
ent  channels,  and  all  at  the  same  time. This 
cellular-like  coverage  enables  simultane¬ 
ous,  collision-free  transmission  among 
clients  associated  with  this  type  of  architec¬ 
ture.  As  a  result,  more  users  can  associate 
with  the  same  node  at  longer  ranges  and 
attain  a  higher  overall  throughput,  because 
there  is  less  contention  with  other  users. 

Multi-radio  Wi-Fi  mesh  networks  solve  the 
inherent  Wi-Fi  multi-hop  throughput  and 
latency  dilemma  caused  by  the  half-duplex 
nature  of  802. 1 1 .  The  performance  gains 
achieved  are  ideal  for  supporting  real-time 
voice,  video  and  data  over  multiple  hops. 

Irani  is  vice  president  of  marketing  and 
strategy  for  Strix  Systems.  He  can  be  reached 
at  cyrus.irani@strixsystems.com. 


Ask  Dn  Internet  By  Steve  Blass 


I  was  surprised  to  find  that  my  BlackBerry  does 
not  provide  any  synchronization  software  for 
Macintosh  systems.  Are  there  any  third-party 
products  that  can  synchronize  my  BlackBerry 
device  with  my  Mac? 

BlackBerry  manufacturer  Research  in  Motion  licens¬ 
es  the  Intellisync  desktop  synchronization  software 
from  Puma  Technologies,  and  says  that  Puma  has  no 
timeline  set  for  the  introduction  of  Mac  versions  of 
Intellisync  or  the  BlackBerry  Desktop  software.  There 


are  products  available  that  provide  BlackBerry  synchro¬ 
nization  capabilities  for  Mac  systems. 

SyncAgain  (www.epicad.com)  supports  Mac  synchro¬ 
nization  for  BlackBerry  devices  that  use  the  BlackBerry 
Enterprise  Server.  SyncAgain  synchronizes  only  with 
Address  Book  and  iCal.  The  Web  site  says  a  stand-alone 
version  is  coming  soon.  PocketMac  for  BlackBerry 
(www.pocketmac.net)  provides  synchronization  support 
for  Macintosh  Entourage,  the  Address  Book  and 
Entourage  Calendar,  as  well  as  for  iCal,  Tasks  and 
Stickies.  In  addition,  the  application  fully  integrates  with 


iSync,  offers  support  for  serial-  and  USB-based 
BlackBerry  devices,  and  automatic  sync-on-connection 
with  the  computer.  SyncAgain  and  PocketMac  for 
BlackBerry  require  Macintosh  OS  X  10.3  or  higher. 
Neither  provides  an  application  loader.  For  now  you 
might  have  to  rely  on  a  Windows  PC  to  automatically 
load  applications  onto  the  BlackBerry. 

Blass,  a  network  architect  at  Change@Work  in 
Houston,  can  be  reached  at  dr.internet@changeatwork. 
com. 
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FrankenTiVo 


GEARHEAD 


Arghhhhhhhhhh!  Never  in  a  mil¬ 
lion  years  would  we  have  guessed 
that  there  would  be  a  problem  with 
getting  our  DirecTV  TiVo  to  dial  out 
for  programming  updates  over  our 
new  Vonage  VoIP  connection. 
According  to  Vonage:  “Many 
INSIDE  THE  Vonage  customers  have  successful- 
NETWORK  ly  set  up  DirecTV  and  TiVo  series2 
MACHINE  connections  through  the  Vonage 
Phone  Adapter.”  Really?  Ha! 

Mark  Gibbs  We  want  to  meet  these  Vonage  cus¬ 
tomers  because  a  Google  search  for 
“tivo  vonage  problem”  returns  96,300  hits  that  reveal  that 
many  TiVo  Version  1  owners  had  no  problems  with  con¬ 
necting  over  Vonage  until  a  few  months  ago,  while  most 
Version  2  owners  seem  to  have  had  no  success  at  all. 

The  problem  seems  to  be  that  the  Vonage  VoIP  service 
won’t  handle  data  calls  at  high  bit  rates. There  are  a  few 
online  comments  that  point  an  accusatory  finger  at 
Vonage’s  network,  claiming  the  problem  lies  there. 

One  person  claims  to  have  talked  to  the  software  engi¬ 
neering  manager  for  the  Cisco  Analog  Telephone  Adapter 
(ATA),who  said  Vonage ’s  gateways  need  to  be  configured 
for  “modem  pass-through”  but  for  some  reason  aren’t.  It 
might  be  that  Vonage  can’t  do  so.  A  common  theory  is 
that  Vonage  doesn’t  have  full  control  of  all  the  gateways  it 
uses.  Whatever  the  problem,  it  is  a  real  pain. 

How  about  using  TiVo’s  built-in  networking  to  get  the 


updates  instead?  No  problem  unless  you  have  a  DirecTV 
TiVo. Sigh.  Guess  what  we  have? 

For  reasons  that  aren’t  at  all  clear,  DirecTV  modified  its 
version  of  the  TiVo  platform  and  removed  features,  mak¬ 
ing  it  less  flexible  than  the  original. Could  there  have  been 
a  concern  with  supportability  or  was  it  just  DirecTV  trying 
to  differentiate  its  product?  Whatever  it  is  it  is  a  complete¬ 
ly  loony  decision.  Just  look  on-line  and  see  how  many 
people  are  complaining. 

DirecTV  modified  its  version  of 
theTiVo  platform  and  made  it 
less  flexible  than  the  original. 

If  you  apply  the  Iceberg  Theory  that  only  10%  of  any 
problem  is  visible  above  the  surface,  that  means  there  are 
a  lot  of  people  out  there  thinking  the  DirecTV  guys  are  not 
too  tightly  wrapped.  If  there  are  any  DirecTV  people  lis¬ 
tening,  please  get  in  touch,  we’d  like  to  find  out  why  your 
version  of  TiVo  is  stunted. 

Anyway,  you  can  apparently  make  DirecTV  TiVo  regain 
its  full  power  and  majesty  All  you  need  is  some  software, 
hardware  and  a  burning  desire  to  boldly  go  where  few 
TiVo  users  other  than  the  technically  deranged  have 
gone  before. 

Although  we  haven’t  tried  it  yet,  the  fix  starts  with  down¬ 
loading  an  ISO  image  of  the  PTVnet  Software  from  PTV- 
upgrade  (www.networkworld.com,  DocFinder:  7957)  for 


$20  and  creating  a  CD.  You  then  connect  a  second  ATA 
drive  to  your  PC,  boot  from  the  PTVnet  CD,  install  the  soft¬ 
ware  for  your  brand  of  TiVo  hardware,  and  take  that  drive 
and  install  it  in  your  TiVo.  Alternatively  you  can  buy  a  pre- 
loaded  drive  from  PTVupgrade. 

Then  you  restart  your  TiVo,  go  through  the  standard  set¬ 
up  procedure,  and  you  will  have  a  DirecTV  TiVo  with 
increased  hard-drive  capacity  (up  to  two  400G-byte  drives 
—  roughly  350  hours  of  video),  the  USB  ports  enabled, 
and  a  whole  load  of  new  features  that  can  be  networked 
(you’ll  need  a  DHCP  server  on  your  network  and  one  of 
the  supported  USB  Ethernet  adapters). 

You  now  can  control  yourTiVo  using  the  newly  installed 
Web  services  (TiVoWebPlus,  a  general  public  license 
package,  see  http://tivo.fp2000.org/twp),  which  allow  you 
to  sort  programs  alphabetically  mark  multiple  shows  for 
deletion,  search  and  define  programming  choices,  add 
season  passes,  modify  show  information  and  descrip¬ 
tions,  and  even  see  information  the  DirecTV  TiVo  doesn’t 
make  available,  such  as  the  original  air  date  and  program 
details. 

Even  better,  when  your  TiVo  is  networked  a  phone  con¬ 
nection  is  no  longer  needed,  as  all  schedule  updates  are 
retrieved  from  the  TiVo  Web  site.  We  will  try  this  out  in  the 
near  future. 

What’s  hacked  yourTiVo?  Tell  gearhead@gibbs.com  and 
see  Gearblog  (www.networkworld.com/weblogs/gear 
blog)  for  a  list  of  the  links  in  this  story. 


n  u 


SuOUFUV 


The  unassuming  Slingbox  was  a 
breeze  to  set  up. 


The  scoop:  Slingbox,  from  Sling  Media,  about  $250. 

What  it  is:  TiVo  and  other  personal  video  recorders  (PVR)  intro¬ 
duced  the  concept  of  time  shifting,  in  which  TV  content  could  be 
viewed  by  people  whenever  they  wanted.  Sling  Media’s  Slingbox  takes  this  concept 
a  step  further  by  letting  people  view  their  TV  content  wherever  they  are.SIing  Media 
calls  this  concept  “place  shifting,”  which  means  people  can  take  their  video  sources 
(TV,  cable,  satellite  or  even  content  from  a  PVR)  and  view  that  content  on  a  PC  in 
another  room,  city  or  even  continent  (works  over  a  LAN  or  a  WAN). 

'Phis  is  handled  through  the  unassuming  little  Slingbox,  a  device  about  the  size  of 
a  gold  brick  that  connects  the  TV  source  (via  coaxial  cable,  S-video  or  composite 

cabling)  to  an  Ethernet  router  (wireless  and 
power-line  bridges  also  supported).  PVRs  and 
cable  boxes  can  be  controlled  through  an  addi¬ 
tional  infrared  cable  that  lets  users  switch  chan¬ 
nels  on  the  box  when  they  are  remote. 

A  software  client  on  a  user’s  PC  (only 
Windows  XP  is  supported  at  the  moment) 
connects  to  the  Slingbox  and  provides  the  user 
interface  for  viewing  the  “TV”  and  changing  channels. 

Why  it’s  cool:  Too  many  times  I’ve  been  in  hotels  where  the  only 
thing  on  TV  is  local  news,  weather  and  sports.Three  time  zones  away  I  often 
want  to  watch  the  Red  Sox  and  cannot.  With  the  Slingbox,  now  I  can.  Any  saved 
content  stored  on  a  PVR  also  can  be  streamed  across  the  Internet  and  viewed  on 
my  Windows  XP  notebook.The  value  of  being  able  to  watch  my  TV  content,  when¬ 
ever  and  wherever  I  am,  is  well  worth  the  $250  price  tag. 

I  was  most  surprised  and  pleased  with  the  quality  of  the  video  stream.  Sling  Media 
uses  optimization  technology  and  buffering  to  create  a  very  smooth  video  feed  that 


The  Media  Player  lets  you  watch  TV  while  multi¬ 
tasking. 


provided  a  300K  to  500K  bit/sec 
stream  on  the  LAN,  and  between  200K 
and  400K  bit/sec  stream  while  going 
across  the  Internet.  I  streamed  the 
video  wirelessly  through  my  home 
LAN,  at  a  public  Wi-Fi  hot  spot,  and 
then  through  the  company’s  T1  LAN 
(but  accessing  the  TV  feed  across  the 
Internet).  The  picture  window  won’t 
fill  up  your  entire  screen,  and  it’s  not 
high-definition  content,  but  it’s  still 
very  watchable. 

Testing  notes:  The  simplicity  of  set¬ 
ting  up  the  hardware  depends  on  the 

type  of  TV  source  you  want  to  connect  and  whether  you  can  place  the  Slingbox 
near  your  home  router.  For  example,  if  you  want  to  connect  a  cable  box  or  PVR  to 
the  system,  you  need  to  install  the  infrared  cable.  If  your  router  is  away  from  your  TV 
source,  you’ll  have  to  install  a  wireless  Ethernet  adapter  or  a  power-line  bridge  to 
connect  the  Slingbox  to  the  router. 

The  installation  software  also  includes  the  ability  to  set  itself  up  via  Universal  Plug 
and  Play  which  op  :ns  the  proper  port  and  assigns  the  Slingbox  an  IP  address.  Users 
who  don’t  want  to  enable  Universal  Plug  and  Play  can  assign  those  manually 

Some  caveats:  Once  during  the  test  at  the  hot  spot  the  TV  feed  stopped,  and  i 
couldn’t  reconnect  immediately  When  trying  to  connect  via  the  company’s  LAN,  I 
couldn’t  connect  initially  and  had  to  reboot  the  system  and  try  again  (it  worked  the 
second  time).  At  the  moment,  only  Windows  XP  computers  are  supported, and  view¬ 
ing  content  on  a  Slingbox  is  on  a  one-to-one  basis,  which  means  multiple  clients 
can’t  watch  the  same  feed. 

Grade:  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com. 


Do  you  worry  about  .  .  . 


bringing  new  Network  IT  products  to  market? 
reaching  Network/IT  and  Corporate  Managers? 
accelerating  your  sales  cycle? 

getting  your  company's  message  in  front  of  a  powerful  audience  of  Network  IT  buyers 


Stop  worrying  .  .  . 

when  you  sponsor  a  Network  World  Technology  Tour  and  Expo.  These  dynamic  live 
multi-city  events  will  bring  you  face-to-face  with  the  Network  World  community  —  the 
architects,  strategists,  decision-makers  and  buyers  for  today's  enterprise  networks. 

Network  World  is  now  accepting  sponsorship  bookings  for  2005  Technology  Tours  and 
Expos.  Sponsorships  are  limited  to  guarantee  a  dynamic  experience  for  both  sponsors 
and  attendees  so  act  now. 

Contact  Andrea  D' Amato,  National  Sales  Director,  Events  and  Executive  Forums,  at 

800-622-1108,  Ext.  6520  or  adamato@nww.com 
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March 

March 

April 

April 

June 

June 

July 

Sept 

Sept 

Nov/Dec 


Wireless  and  Mobility 

Network  Management/IT  Automation 

Remote  Office  Networking 

WAN  Optimization 

Voice  over  IP/Convergence 

Extended:  Wireless  and  Mobility 

SMB 

Security 

Extended:  Voice  over  IP/Convergence 
IT  Road  Map:  2006 


To  attend  a  Network  World  Technology  Tour  and  Expo  free,  register  at  www.networkworld.com/events 
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n  Technology 

John  Dixw 

Spyware  changing 
the  way  the  ’Net ... 

Viruses,  spyware,  phishing  and  other  scams  are  conspiring 
to  make  the  Internet  a  scary  and  unsavory  place  for  Joe 
American,  which  is  a  threat  to  the  continued  growth  of  con¬ 
sumer-facing  e-commerce  efforts. 

Gartner,  for  example,  says  security  concerns  could  shave  a 
full  percentage  point  off  its  current  forecasts  for  business-to- 
consumer  e-commerce,  which  it  expects  to  grow  18%  in 
2005, 15%  in  2006  and  1 1%  in  2007  (see  www.network 
world.com,  DocFinder:  7954). 

Phishing  is  one  of  the  biggest  concerns,  Gartner  says, 
with  about  1.2  million  U.S.  consumers  suffering  phishing- 
related  losses  totaling  about  $929  million  between  May 
2004  and  May  2005.  (See  last  week’s  column  for  a  simple 
new  tool  that  might  help  sites  fight  back,  DocFinder: 

7955.) 

But  spyware  is  also  influencing  how  consumers  use  the 
Internet.  According  to  research  released  last  week  by  the 
Pew  Internet  &  American  Life  Project, “nine  out  of  ten 
Internet  users  say  they  have  adjusted  their  online  behav¬ 
ior  out  of  fear  of  falling  victim  to  software  intrusions.” 

Of  the  changes  the  report  identified:  48%  of  the  1,336  peo¬ 
ple  surveyed  have  stopped  visiting  particular  Web  sites;  34% 
have  stopped  downloading  software;  18%  say  they  no 
longer  open  e-mail  attachments;  and  18%  say  they  have 
changed  browsers  to  try  to  avoid  surreptitious  software 
installation. 

A  whopping  43%  of  the  respondents  “have  had  spyware, 
adware,  or  both  types  of  programs  on  their  home  comput¬ 
ed  the  report  says,  surmising  the  real  figure  is  probably 
higher  given  some  users  don’t  know  if  they  are  infected. 

The  report  cites  a  2004  study  by  AOL  and  the  National 
Cyber  Security  Alliance,  in  which  half  of  the  respondents 
said  they  had  spyware/adware  on  their  computers  when  a 
subsequent  scan  of  the  machines  showed  80%  were  host¬ 
ing  such  code. 

While  the  Pew  report  finds  broad  understanding  of  the 
spyware/adware  threat  —  for  example,  78%  say  they  have  a 
good  idea  what  spyware  is  —  it  also  revealed  many  users 
don’t  know  what  to  do  about  it:  33%  of  the  respondents  say 
they  are  not  confident  in  their  ability  to  fight 
spyware/adware. 

Therein  lies  the  real  threat  to  e-commerce:  people  who 
know  about  the  threat  but  don’t  know  how  to  cope  will 
simply  stop  using  the  tool.  Companies  that  are  already  real¬ 
izing  gains  by  serving  consumers  online  still  have  signifi¬ 
cant  work  to  do  in  terms  of  educating  customers  about 
how  to  safely  use  the  Internet. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Carr  trouble 

Your  story  about  IT  Doesn’t  Matter  author  Nicholas 
Carr  (www.networkworld.com,  DocFinder:  7922) 
states: “[Carr]  studied  neither  business  nor  IT  as  a 
student,  instead  focusing  on  English  literature....” 
That  pretty  much  says  it  all. 

I  don’t  know  why  the  tech  industry  keeps  giving 
Carr  any  amount  of  coverage.  His  ideas,  while  differ¬ 
ent,  aren’t  (from  what  I  can  tell)  based  in  any  reality 
When  he  gets  some  understanding  of  how  technol¬ 
ogy  works  then  maybe  he  will  be  worth  listening  to. 

I  also  have  to  laugh  at  Carr’s  statement  that 
“Moore’s  Law  has  always  been  a  fabrication  —  a 
popular  (mis)conception  of  reality  rather  than  a  pre¬ 
cise  description  of  reality’  Moore’s  Law  is  fine;  it  has 
worked  and  continues  to  work.  The  technology  to 
actually  produce  the  xlO  effect  every  five  years 
changes,  but  the  basic  premise  is  the  same.  What 
doesn’t  Carr  understand?  Maybe  if  he  had  some 
education  in  technology . . 

Ken  Hollis 
Tulsa,  Okla. 

Broadband  secrets 

Regarding  Kevin  Tolly’s  column,  “Broadband  ser¬ 
vice  providers  keeping  secrets?"  (DocFinder:  7923): 
An  answer  to  Tolly’s  question  —  yes,  they  are.  The 
secret  is  twofold.  First,  how  many  other  customers 
are  sharing  the  same  segment  that  you  are  on? 
Second, how  much  bandwidth  are  they  provisioning 
to  you  and  the  other  customers?  There  are  probably 
250  customers  for  each  1.5M  bit/sec  of  bandwidth 
and  also  the  same  250  customers  for  the  segment 
that  you  are  on. 

What  broadband  providers  are  really  hiding  is  how 
much  money  they  are  making  on  the  whole  process. 
If  you  charge  $40  per  month  for  service  and  on  the 
back  end  are  only  paying  $200  per  month  for  a  T-l 
circuit,  you  are  raking  in  almost  $10,000  per  month 


for  those  250  customers.This  sounds  like  a  real  mon¬ 
eymaking  business. 

The  broadband  service  providers  are  hiding  all  the 
money  they  are  making  and  how  they  are  over-pro- 
visioning  the  service.They  have  to  make  money  and 
what  you  are  paying  for  is  service  that  is  “on”  24/7. 

Alexander  Shaskevich 
CEO 

Metropolis  Data  Systems 
Houston 

Not  too  smart 

Regarding  Frank  Dzubeck’s  column,  “Net  intelli¬ 
gence  a  balancing  act”  (DocFinder:  7924): 
Remember,  it  was  the  “stupid”  IP  network  that  got  us 
this  data  revolution.  And  it  was  the  “smart”  circuit- 
switched  telecom  network  that  kept  costs  rising  and 
limited  services  —  even  voice  mail  and  caller  ID  — 
which,  if  you  haven’t  noticed,  come  free  with  most 
cell  phones.  So  this  “smart  network”  idea  can  easily 
get  out  of  hand. 

Brandon  Fouts 
Seattle 

Frank  Dzubeck’s  column  “Net  intelligence  a  balanc¬ 
ing  act”  presents  some  innovative  insights.  However, 
we  have  to  push  the  envelope  of  network  intelli¬ 
gence  not  just  to  the  level  of  services  and  standards, 
but  to  solutions  like  application  mirroring  and  busi¬ 
ness  continuity  based  on  network  node  virtualiza¬ 
tion. 

Exploiting  the  latest  developments  in  networking 
and  virtualization,  we  can  enhance  the  reliability  of 
the  existing  IT  applications  without  rewriting  them 
and  preserve  the  investments. 

Shay  Bendov 
Tel  Aviv,  Israel 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Readers  respond 

W  ■  If  If  1 1 1  Rnd  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1030 
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USER  VIEW 
Chuck  Yoke 


For  service  management,  ITIL  have  to  do 


Growing  up  in  a  rural  area  meant  that  you 
often  picked  up  local  “idioms”  as  part  of 
your  language. Words  such  as  ain’t,  if’n  and 
y’all  were  part  of  my  everyday  speech.  One  of 
my  local  idioms  was  “it’il”  —  our  local  contrac¬ 
tion  of  “it  will.”  If’n  there  ain’t  any  dinner  and  the 
only  thing  to  eat  is  leftovers,  then  it’il  have  to  do. 

The  IT  world  has  its  own  “it’il,”  which  for  the 
time  being  will  also  have  to  do. The  Information 
Technology  Infrastructure  Library  (ITIL)  is  fast 
becoming  the  de  facto  framework  for  imple¬ 
menting  effective  IT  service  management. 

Developed  by  the  British  government  in  the 
1980s,  ITIL  provides  a  comprehensive  series  of 
best  practices  that  can  be  implemented  as  com¬ 
mon  processes  throughout  IT.  ITIL  provides  the 
framework  for  establishing  functions  such  as 
relationship  management,  service  desk,  incident 
management,  problem  management  and  con¬ 
figuration  management.  ITIL  is  not  a  step-by-step 
methodology  panacea  for  all  IT  issues;  rather  it 
is  a  complete  —  and  complex  —  set  of  best 
practices  that  can  be  implemented  in  many 
ways,  depending  on  the  need  and  focus  of  the 
IT  organization. 

While  ITIL  is  perhaps  the  most  popular 
IT  quality  framework,  it  is  not  the  only  one. 


Control  Objectives  for  Information  and  related 
Technology(COBIT),  developed  by  the 
Information  Systems  Audit  and  Control 
Association,  provides  guidelines  on  34  process¬ 
es  that  encompass  the  full  IT  life  cycle,  with  a 
heavy  emphasis  on  IT  audit  and  security.  The 
Capability  Maturity  Model  (CMM)  and 
Capability  Maturity  Model  Integration  (CMMI) 
frameworks  from  the  Software  Engineering 

Many  IT  organizations  are 
mixing  and  matching  the 
relevant  portions  of  these 
frameworks  as  needed. 

Institute  provide  guidelines  for  developing  stan¬ 
dardized  and  repeatable  application  develop¬ 
ment  and  software  engineering  processes.  The 
multi-industry  Six  Sigma  framework  provides 
both  guidelines  and  tools  for  eliminating  opera¬ 
tional  process  defects,  while  its  Design  for  Six 
Sigma  sibling  focuses  on  eliminating  defects 
during  the  design  and  development  processes 
before  they  become  operational. 

None  of  these  frameworks  are  exclusive  of  the 
others  and  it  is  not  necessary  to  implement 


everything  in  any  of  these  frameworks.  Many  IT 
organizations  are  mixing  and  matching  the  rele¬ 
vant  portions  of  these  frameworks  as  needed.  In 
some  companies  ITIL  is  being  used  to  imple¬ 
ment  a  service-focused  organization  and  Six 
Sigma  is  being  implemented  to  monitor  the 
quality  of  the  operational  processes.  Other  orga¬ 
nizations  are  implementing  COBIT  to  establish 
audit  and  security  guidelines  and  CMM/CMMI 
to  provide  reliable  application  development. 
Others  are  using  portions  of  these  frameworks 
to  create  their  own  custom-quality  process. 

With  the  emerging  emphasis  on  IT  as  a  service 
provider  and  the  need  for  all  organizations  to 
become  compliant  with  the  Sarbanes-Oxley  Act 
and  HIPAA,  ITIL  and  all  the  other  frameworks 
will  become  more  prevalent  as  a  way  for  IT 
organizations  to  organize  in  a  way  that  will  mon¬ 
itor  and  maintain  their  value. 

Other  frameworks  may  eventually  replace 
these,  but  it  will  be  a  while.  For  now,  ITIL  and  the 
other  frameworks  are  the  best  available,  and  to 
paraphrase  my  country  kin, “it’il  have  to  do.” 

Yoke  is  director  of  business  solutions  engineer¬ 
ing  for  a  corporate  network  in  Denver.  He  can  be 
reached  at  ckyoke@yahoo.com. 


ON  SECURITY 


Winn  Schwartau 


When  mgmt  sets  the  wrong  security  culture 


Fourteen  years  ago  I  warned  MyBank  (which 
is  not  one  of  my  clients;  I  am  one  of  its) 
about  using  Social  Security  numbers  as  solid 
identification.The  bank’s  head  of  security  said  he 
would  look  into  it.  Since  then,  the  security  at 
MyBank  has  gone  from  bad  to  worse.  It’s  still  a 
recipe  for  ID  theft. 

During  a  recent  tele-banking  transaction,  I  was 
instructed  to  enter  my  bank  account  and  Social 
Security  numbers.  MyBank’s  “new  and  improved” 
system  was  using  two  pieces  of  publicly  available 
information  as  proof-positive  remote  identifica¬ 
tion.  When  I  confronted  MyBank  about  this,  it  took 
30  days  to  fix  this  gaping  security  hole. 

Last  month,  MyBank  assured  me  its  online  bank¬ 
ing  system  was  fixed.  Logon  security  was  decent:  a 
long,  secret  account  number  generated  by  the 
bank,  my  federal  EIN,a  four-digit  PIN  and  no  cook¬ 
ies.  As  a  test,  I  moved  money  to  American  Express 
and  paid  Al,a  member  of  my  staff. 

Several  days  later,  A1  screams,  “Where’s  my  pay- 
check?”!  had  proof  I  sent  it.Amex  also  said  it  had 
not  been  paid.  I  had  proof  I  paid  it.  I  called 
MyBank  and  asked  for  proof  of  receipt  of  funds 
by  Annex  and  Al’s  bank,  but  was  told  the  bank 
does  not  use  acknowledgements  from  online 
transfers.  The  most  disturbing  security  aspect  is 
that  no  one  at  MyBank  could  tell  me  where  my 
money  was  when  it  was  not  in  my  account  and 
not  in  Annex's  or  Al’s. 

Then  security  at  MyBank  plummeted  to  a  new 
low.  The  reasonable  logon  security  had  been 
shattered,  as  the  long  private  code  was  no 


longer  required.  Now  my  publicly  available 
account  number  and  a  mere  four-digit  PIN  was 
the  sole  defense  of  any  account  that  sits  on  the 
Internet.  The  obvious  attempt  to  simplify  the 
user  experience  is  a  devastating  blow  to  securi¬ 
ty.  An  ATM  card  only  requires  a  four-digit  PIN,  but 
it  employs  the  “something  you  own,  something 
you  know’’ identification  mantra.  Silly  me  for 
expecting  better  banking  security  on  the 
Internet. 

When  I  once  more  attempted  to  pay  my  staff,  A1 
was  again  the  victim.  His  money  was  snafued  in 

The  obvious  attempt  to 
simplify  the  user  experi¬ 
ence  is  a  devastating  blow 
to  security. 

the  labyrinth  of  MyBank’s  infrastructure.  Without 
my  knowledge  or  approval,  a  banking  employee: 
(1)  cancelled  my  payment  to  Al,  (2)  issued  a  pay¬ 
ment  from  my  account  with  something  called  a 
“forced  check”  to  Al,  (3)  withdrew  a  duplicate 
payment  from  my  account  without  my  authoriza¬ 
tion  and  deposited  it  in  Al’s  account,  and  (4)  can¬ 
celled  another  payment  to  Al.The  net  effect  of  this 
security  transgression  was  a  cascade  of  bad 
checks,  overdrafts  and  the  freezing  of  Al’s  other 
accounts. 

Then  it  got  worse.  Al  says  MyBank  told  him  that 
the  money  was  removed  from  his  account  (with¬ 
out  authorization  or  notice)  because  my  corpo¬ 


rate  account  had  insufficient  funds  to  cover  his 
paycheck.This  security  breach  was  in  clear  viola¬ 
tion  of  any  number  of  privacy  and  banking  laws 
or  compliant  governance  besides  being  an 
absolute  untruth. 

If  any  one  of  these  had  been  an  isolated  inci¬ 
dent,  so  be  it,  but  I  was  sucked  into  the  pandemic 
maelstrom  of  a  stream  of  significant  security 
lapses.  MyBank  chose  to  use  the  easiest  and 
weakest  identification  possible.  All  three  basic 
security  principles  —  confidentiality  integrity  and 
availability  —  were  violated  through  poor  appli¬ 
cation  design,  inexplicable  movement  of  money 
social  engineering  and  denial  of  funds.To  see  two 
major  remote  banking  systems  designed  with 
such  holes  suggests  that  the  application  develop¬ 
ment  folks  are  using  weak  security  as  a  trade-off 
for  a  simpler  customer  experience. 

Security  and  user  experience  (functionality) 
are  inversely  proportional,  but  it  appears 
MyBank  has  taken  the  easy  way  out:  Listen  to 
customers  who  complain  about  security  barri¬ 
ers,  remove  or  reduce  their  efficacy  and  see  what 
happens.  I  had  hoped  by  now  that  most  major 
financial  institutions  had  crossed  the  security 
awareness  boundary  from  clueless  to  clued-in. 
Hopefully  my  experience  can  serve  as  a  model 
on  what  not  to  do. 

Schwartau  is  a  security  writer,  lecturer  and  pres¬ 
ident  of  Interpact,  a  security  awareness  consult¬ 
ing  firm.  He  can  be  reached  at  winn@thesecu- 
rityawarenesscompany.  com. 
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The  ROI  of  VoIP 

A  step-by-step  guide  to  determining  the  true  cost  and  benefits  of  VoIP. 


BY  ROBIN  GAREISS 


o'*  j&'fSI 


When  it  comes  to  VoIF?  most  network  managers  are 
satisfied  that  the  technology  works.  The  challenge  is 
developing  cost  analyses:  What  will  the  new  technolo¬ 
gy  cost  to  roll  out  and  support,  and  what  benefits  can 
companies  expect  to  reap? 

There’s  no  single  shrink-wrapped  answer.  But  Nemertes 
Research  interviewed  65  IT  executives  at  leading-edge  compa¬ 
nies  across  a  range  of  industries  and  developed  real-world 
guidelines  for  analyzing  the  costs  and  savings  that  can  result 
from  VoIP  projects. 


Step  1.  Preplanning  is  key 

In  most  projects,  the  first  stage  is  preplanning  in  which  com¬ 
panies  assess  the  network,  including  present  and  future  appli¬ 
cations  requirements  and  future  business  plans,  such  as  new 
moves,  company  growth,  and  merger  and  acquisition  possibili¬ 
ties. 

It’s  at  this  stage  that  companies  answer  the  fundamental  ques¬ 
tion:  Is  it  worth  moving  to  a  converged  infrastructure,  and  if  so, 
at  what  pace? 

Once  companies  decide  the  technology  is  worth  further 
exploration,  they  enter  the  official  “planning”  stage,  during 
which  they  should  perform  several  tasks,  including  assigning  a 
project  leader,  evaluating  management  and  security  options, 
and  working  to  raise  end-user  excitement  in  the  project. 

Most  importantly,  they’re  developing  a  detailed  ROI  to  vali¬ 
date  the  project  financially. 


Step  2.  Determine  start-up  costs 

Start-up  costs  fall  into  two  general  categories:  operational  and  capital.  In 
both  cases,  the  figures  in  this  report  represent  actual  costs  that  companies 
participating  in  the  research  study  incurred,  starting  with  the  planning 
stages  and  ending  once  the  initial  troubleshooting  was  finished. 

For  operational  costs,  companies  provided  the  staff  hours  or  actual  dol¬ 
lars  devoted  to  the  baseline  network  assessment,  project  planning,  installa¬ 
tion  of  the  IP  PBX(s)  and  accompanying  handsets,  and  troubleshooting. 
Companies  that  installed  a  unified  messaging  system  or  audio/video 


Overall  average  installation  costs 

Expect  to  spend  nearly  $100,000  on  installation  of  yourVolP  network. 


People  hours 

Average  cost 

Basefiae  network  assessment 
(internal  w  external) 

$17,220 

Platting 

447 

$23,563 

Installation 

631 

$37,676 

MkMhg 

263 

$13,396 

Total 

1,340 

$91,845 

BASSO  ON  es  COMPANSS  WITH  MEDIAN  REVENUE  OF  J600M. 


bridge  with  their  initial  implementation  also  included  the  time  it  took  to  handle 
those  tasks. 

Capital  costs  are  defined  as  the  IP  PBX,  phones  and  network  equipment  explic¬ 
itly  installed  for  the  initial  VoIP  rollout. 

Part  of  the  planning  phase  includes  a  baseline-network  assessment,  or  a  net¬ 
work  readiness  study.  Companies  typically  budget  about  $20,000  for  the  assess¬ 
ment,  though  larger  companies  spend  $50,000  or  more.  Typically,  a  vendor,  sys¬ 
tems  integrator,  value-added  reseller,  carrier  or  internal  IT  staff  evaluates  the 
organization’s  network,  running  simulated  voice  traffic  over  it  to  determine  what 
upgrades  are  necessary. 

The  baseline  network  assessment  has  become  a  crucial  part  of  any  VoIP  imple¬ 
mentation.  Although  some  companies  abide  by  the  finger-to-the-wind  test,  a 
growing  number  of  IT  executives  strongly  suggest  conducting  such  an  assess¬ 
ment,  despite  the  cost.“VoIP  is  so  new  to  us.  We’d  be  concerned  with  what  it  does 
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VoIP  cost  per  unit 

Companies  with  1,000  or  more  users  are  able  to  show  the  lowest 
cost  per  unit. 


Number 
of  users 

Operational 
cost  per  user 

Hardware  cost  per 
unit  (including  PBX) 

Total  cost 
per  unit 

Fewer  than  100 

$122 

$641 

$763 

100-499 

$136 

$771 

$907 

500-999 

$117 

$548 

$665 

1,000  or  more 

$37 

$488 

$525 

to  our  data  traffic.  We  can’t  take  it  casually”  says  Irving  Tyler,  CIO  of  Quaker 
Chemical  Company  in  Conshohocken,  Pa. 

Operational  start-up  costs  vary  considerably  based  on  the  company  size  and 
state  of  deployment.  For  example,  companies  with  100  to  499  users  spend  the 
most  per  user,  and  costs  drop  as  the  number  of  users  on  the  VoIP  system  increas¬ 
es.  This  is  primarily  because  companies  are  able  to  leverage  the  costs  involved 
with  planning,  installation  and  troubleshooting  among  a  greater  number  of  end 
users. 

Organizations  with  fewer  than  100  users  spend  less  than  those  with  100  to  499 
users.  Often,  companies  with  fewer  than  100  users  are  running  small  trials  and 
haven’t  invested  in  a  baseline  network  assessment  yet,  so  their  cost  per  user 
appears  lower. 

Also,  organizations  with  small  rollouts  usually  keep  their  implementations 
straightforward,  eliminating  some  of  the  time-consuming  complexities  of  larger 
rollouts,  such  as  integrating  the  gear  into  current  TDM  PBXs  or  voice  mail  sys¬ 
tems. This  keeps  the  fewer-than- 100-user  rollouts  lower  than  the  next  level  up. 

The  trends  were  similar  with  capital  costs.  The  highest  cost  per  unit  is  among 
companies  with  100  to  499  users,  at  $771. The  lowest  cost  per  unit  is  among  com¬ 
panies  with  more  than  1,000  units,  at  $448. 

In  cases  where  the  average  phone  cost  is  high,  it’s  usually  organizations  that 
have  added  audio  or  video  equipment  to  their  hardware  costs,  or  those  that 
have  invested  heavily  in  equipment  and  still  are  running  trials  so  they  don’t  have 
as  many  phones  in  use  as  the  equipment  supports. 

For  example,  one  large  global  manufacturer  has  spent  $2  million  on  equip¬ 
ment,  housed  in  five  U.S.  and  two  European  locations.  But  it  only  has  350  users 
on  the  system  now,  as  it  runs  trials  and  starts  a  slow  rollout.  Once  fully  deployed, 
the  switches  will  support  thousands  of  users,  lowering  the  cost  per  unit,  even 
though  the  company  will  buy  more  handsets. 

Step  3.  Don't  forget  the  cost  of  management  tools  and  training 

Aside  from  the  initial  capital  equipment  and  operational  costs,  many  compa¬ 
nies  overlook  a  few  other  key  cost  considerations:  management  tools  and  train¬ 
ing. 

Only  about  25%  of  companies  budget  upfront  for  specialized  management 
and  security  tools.  Many  network  managers  say  current  management  tools  will 
do  the  trick,  and  (if  they  acknowledge  that  voice  traffic  must  be  secured)  stan- 


VoIP  training  budget 

Many  companies  forget  to  factor  training  intotheirVolP  calculations. 


Small 

Midsize 

Large 

Number  of  IT  staff 
sent  to  training 

1-2 

2-5 

10-30 

Cost  per  person 

$2,500 

$2,000 

$1,700 

Total  budget 

$2,500  -  $5,000 

$4,000  -  $10,000 

$17,000  -  $51,000 

dard  security  practices  already  in  place  will  take  care  of  the  security  issues. 

But  this  isn’t  the  end  of  the  story.  Most  companies  that  didn’t  budget  for  man¬ 
agement  and  security  end  up  wishing  they  had.  Sometime  within  12  months 
after  installation,  companies  recognize  they  need  VoIP-specific  management 
tools,  and  they  start  shopping. The  budget  for  management  tools  should  be  set 
at  about  $50,000,  and  companies  should  budget  a  minimum  of  $100,000  (this 
could  go  significantly  higher,  depending  on  the  size  of  the  company  and  the 
extent  of  the  rollout). 

Training  is  another  area  that  companies  often  fail  to  budget  for,  or  underesti¬ 
mate.  The  average  amount  survey  participants  spent  on  training  was  $16,438. 
Vendors  and  training  organizations  typically  charge  between  $1,700  and  $2,500 
per  IT  staff  member,  though  some  IT  executives  say  they  have  been  able  to  nego¬ 
tiate  two-for-one  training  deals. 

Step  4.  Calculate  savings  from  long-distance  and  local  loop 

When  VoIP  first  came  onto  the  scene,  networking  staffs  eyed  per-minute,  long¬ 
distance  rates  as  the  big  benefactor  of  the  technology.  That’s  not  the  case  any¬ 
more.  On  average,  companies  are  spending  between  2  cents  and  4  cents  per 
minute  on  their  long-distance  calls. VoIP  isn’t  going  to  reduce  those  rates  much 
further.  Internationally,  though,  companies  are  saving  between  20%  and  40%  on 
their  per-minute  rates,  depending  on  the  country. 

According  to  the  study,  companies  decreased  their  telecom  costs  by  25%  to 
60%  when  they  converged  their  networks.  This  takes  into  account  per-minute 
long-distance,  local  loops,  plain  old  telephone  service  (POTS)  lines  and 
audio/video  services. 


Local  loops  represent  one  area  in  which  companies  save  money. This  primari¬ 
ly  applies  to  large  businesses  that  have  more  than  two  access  lines  into  a  given 
location.  IT  executives  say  they  limit  their  access  lines  in  remote  locations  to  two 
to  four  (for  redundancy  sake),  and  they  reassess  how  much  access  bandwidth 
they  need.  In  doing  so,  they  might  increase  a  6M  bit/sec  line  to  a  full  T-3  and  keep 
two  back-up  T-ls,  but  in  the  process  get  rid  of  15T-1  lines  for  voice  traffic  and  one 
6M  bit/sec  line  for  data.  Another  area  of  savings  is  POTS  or  trunk  lines. 
Companies  can  eliminate  70%  to  95%  of  their  POTS  lines,  at  an  average  cost  of 
about  $45  each. 

It’s  important  to  keep  in  mind  the  WAN  itself  likely  will  need  about  30%  more 
availability  to  handle  the  voice  traffic.  Because  most  companies  keep  their  aver¬ 
age  utilization  at  less  than  50%,  they  usually  have  enough  spare  capacity  —  with 
the  right  management  tools  in  place  —  to  add  bandwidth  only  in  key  locations. 
The  value  of  convergence  is  reducing  the  excess  capacity  that  exists  in  both  the 
voice  and  data  networks. 

Step  5.  Don't  forget  potential  audio  and  videoconferencing  savings 

Some  companies  have  realized  that  substantial  cost  savings  exist  by  shifting 
audioconferencing  and  videoconferencing  traffic  to  the  IP  network.  IT  staffs 
often  overlook  both  areas  when  doing  their  initial  ROl,  or  consciously  place 
them  in  the  second  phase  of  the  rollout. 


Circuit  savings  for  converged  networks 

Companies  can  save  money  on  international  cails,  access  lines  and 
POTS  charges. 


Small 

Midsize 

Large 

Per-minute  long  distance 
—  international 

40% 

20% 

20%  -  30% 

Local  loops  (per  site) 

0 

1  to  2 

2  to  6 

Average  monthly  cost 
(x  $400  each) 

0 

$400  to  $800 

$800  to  $2,400 

Annual  savings 

$4,800  to  $9,600 

$9,600  to  $28,800 

POTS  lines  (site  100%  IP) 

95% 

75% 

70% 

Average  cost  ($45/line) 

Varies  depending  on  total  lines. 
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How  the  vendors  stack  up 

Nemertes  assessed  costs  by  vendor.  It's  important  to  note  that  these  costs 
reflect  the  average  of  actual  dollars  spent  by  the  65  companies  surveyed, 
divided  by  the  number  of  end  users  on  the  VoIP  system  at  the  time  of  the 
study.  Nemertes  anticipates  some  changes  to  these  numbers  as  companies 
add  more  users  to  current  systems. 

Operational  costs: 

•  Companies  with  fewer  than  1,000  end  users:  Avaya  is  highest,  fol¬ 
lowed  by  Nortel  and  Cisco.  ShoreTel,  designed  primarily  for  small  and  mid¬ 
size  businesses,  is  significantly  less  expensive,  validating  customer  feed¬ 
back  that  its  system  is  easy  to  use  and  install. 

•  Companies  with  more  than  1,000  end  users:  Cisco  is  highest,  fol¬ 
lowed  by  Nortel,  Avaya  and  ShoreTel. 

Capital  costs: 

Avaya  was  the  highest  in  both  size  categories,  while  Nortel  had  the  lowest 
costs  for  fewer  than  1,000  end  users,  and  ShoreTel  had  the  lowest  costs  per 
unit  for  more  than  1,000  units. 

According  to  the  research,  companies  that  install  Cisco  to  a  large  number 
of  locations,  and  hence,  a  large  number  of  users,  tend  to  install  a  Call 
Manager  in  multiple  locations,  raising  the  cost  per  unit.  Additionally,  they 
often  find  their  routers  at  remote  locations  are  incompatible  with  the  VoIP 
system,  and  they  must  upgrade  mid-project  —  again  adding  time  and  costs 
to  the  rollout. 

Avaya’s  cost  per  unit  drops  for  installations  of  more  than  1,000  units,  illus¬ 
trating  that  the  bulk  of  its  operational  costs  are  in  the  installation  and  trou¬ 
bleshooting  of  the  switch  itself.  Once  that's  up  and  running,  expanding  the 
system  out  to  thousands  of  users  drastically  lowers  the  cost  per  unit.  Also, 
many  of  the  companies  that  are  using  Avaya’s  equipment  are  extremely  con¬ 
cerned  about  redundancy,  so  they  have  purchased  more  than  one  IP  PBX, 
which  raises  the  cost  —  particularly  when  assessing  it  per  user  for  smaller 
installations. 

Nortel,  on  the  other  hand,  has  a  fairly  good  handle  on  pricing  —  it's  not  too 
high  in  any  category  and  typically  represents  an  “average"  or  "fair"  cost 
when  measured  by  unit. 

ShoreTel's  cost  per  unit  is  lowest  in  every  category  except  capital  costs  and 
total  costs  for  small  rollouts. 

New  construction  savings 

For  new  buildings,  cabling  costs  can  be  a  huge  number  in  the  “savings"  col¬ 
umn.  Companies  report  saving  20%  to  40%  by  running  wiring  for  one  net¬ 
work  instead  of  two.  Advertising  and  communications  firm  inChord 
Communications,  for  example,  slashed  40%  on  cabling  cost  in  its  new  build¬ 
ing,  from  $252,000  to  $180,000. 


GREG  MALBY 


Typically,  a  company  realizes  a  four-  to  12-month  payback  when  it  buys  an  IP- 
based  video  or  audio  server  and  run  the  traffic  over  its  IP  network  rather  than 
via  a  circuit-switched  service. 

In  terms  of  videoconferencing,  companies  are  spending  from  25  cents  to  $1.25 
per  minute,  per  participant.  It’s  easy  to  see  how  the  savings  could  quickly  add  up. 
For  example,  a  manufacturer  had  been  paying  Sprint  $317,000  per  year  for  ser¬ 
vice.  It  then  spent  about  $170,000  on  video  equipment  and  ran  the  traffic  over 
the  data  network,  realizing  a  five-month  payback. 


Cost  details  for  audioconferencing  savings 

VoIP  can  bring  significant  cost  savings  on  audio  and  videoconferencing. 


800-person  professional 
services  firm 

1,000  person 
engineering  firm 

Per-minute  price  prior  to  VoIP 

15  cents 

19  cents 

Per-minute  price  after  VoIP 

2  cents 

1  cent 

MinHtes  per  month 

180,000 

27,000 

Cost  prior  to  VoIP 

$27,000 

$5,000 

Cost  after  VoIP 

$3,600 

$250 

Monthly  savings 

$23,400 

$4,750 

Jtnnnual  savings 

$280,800 

$57,000 

Equipment  cost 

$132,000 

$21,000 

Payback  in  months 

Six'  months 

Four  months 

Step  6.  Factor  in  moves,  adds  and  changes 

One  of  the  best-known  benefits  of  VoIP  is  the  savings  that  result  from  moves, 
adds  and  changes.  On  average,  companies  spend  $105  on  moves,  adds  and 
changes,  but  the  range  is  from  $60  to  $250.  Companies  save  anywhere  from  89% 
to  98%  on  moves,  adds  and  changes,  depending  on  the  company  size  and  num¬ 
ber  of  moves,  adds  and  changes  per  year. 

The  savings  aren’t  as  great  when  companies  already  perform  their  own  moves, 
adds  and  changes  for  TDM  PBXs.They’re  still  dropping  their  overall  costs,  but  the 
dollar  amounts  are  not  as  great.  Internal  moves,  adds  and  changes  for  TDM  PBXs 
typically  take  about  45  minutes,  while  moves,  adds  and  changes  for  IP  PBXs  take 
up  to  10  minutes. The  average  cost  for  an  internal  TDM  move,  add  and  change  is 
$32.52,  and  $5  for  an  IP  PBX  —  for  about  an  85%  cost  savings. 

Step  7.  Personnel  savings 

Personnel  savings  are  no  longer  the  big  draw  they  were  during  the  boom  years. 
Most  organizations  have  fairly  lean  IT  and  network  staff  to  begin  with.  Where  we 
see  most  of  the  value  here  is  in  cost  avoidance.  IT  executives  say  they  had 
planned  to  hire  one  or  two  more  people  and  then  did  not  have  to  because  they 
were  able  to  cross-train  current  staff,  reduce  workload  and  make  do  with  the  sta¬ 
tus  quo. 

On  average,  companies  were  able  to  cut  $76,839,  or  an  average  of  0.74  posi¬ 
tions,  from  the  IT  budget  because  of  convergence  projects.  It’s  not  a  make-or- 
break  number  for  a  given  project,  but  it  certainly  adds  further  justification  to  the 
ROI. 

In  addition  to  the  IT  staff,  some  companies  have  been  able  to  reduce  their 
receptionist  staffs  by  using  the  automated  attendant  features  of  some  of  the  IP 
phone  systems  from  companies  such  as  Cisco  and  ShoreTel.  Rather  than  having 
10  receptionists  answering  phones  at  10  locations,  companies  have  reduced  the 
number  to  five  receptionists,  each  handling  two  locations  (or  in  some  cases, 
even  greater  ratios). They  can  transfer  the  calls  over  the  IP  network  so  they’re  not 
incurring  long-distance  charges. 

The  bottom  line  is  costs  and  savings  are  multifaceted,  and  it’s  imperative  for 
companies  to  do  a  detailed  assessment  that  includes  all  of  these  components. 

Gareiss  is  executive  vice  president  at  Nemertes  Research,  which  specializes  in  quan¬ 
tifying  the  business  impact  of  emerging  technologies.  She  can  be  reached  at 
robin  @nemertes.  com. 
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EmergeCore  combines  file 
sharing,  Web  server,  e-mail 

BY  PAUL  FERRILL 
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INTERNET  APPLIANCE 

IT-100  IT  in  a  Box 
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EmergeCore 


$1,395  for  basic  system  w/  20G-byte  hard  drive 
and  802.11b. 
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Pros:  All-purpose  box  for  basic  small  and  midsize 
business  needs;  including  e-mail,  Web  server 
and  file  sharing. 

Cons:  No  Wi-Fi  Protected  Access  support  for 
wireless,  no  support  for  external  USB 
devices  except  backup. 


Small  and  midsize  businesses  looking  to  set  up  shop  with  e-mail,  file  and 
printer  sharing,  and  a  Web  presence  have  options  such  as  Microsoft’s  Small 
Business  Server,  or  Linux  distributions  that  come  with  all  the  software  they 
need  (although  setup  and  configuration  aren’t  for  the  faint  of  heart). 


The  Breakdown  Features  40% 

4 

Scoring  Key:  5:  Exceptional;  Management  40% 

3 

4:  Very  good;  3:  Average;  Setup/lnstallation  10% 

3 

Consistently  subpar  Documentation  10% 

2 

Total  score 

3.3 

For  a  Linux  option  that  is  simple  to  set  up  and  config¬ 
ure,  consider  the  EmergeCore  IT-100  IT  in  a  Box.  The  IT- 
100  is  a  handy  single-point  appliance  for  file  sharing, 
Web  and  FTP  serving,  and  email.  For  most  end  users  the 
cost  will  be  part  of  a  long-term  service  agreement  with 
an  ISP  and  shouldn’t  be  a  factor  in  deciding  to  go  with 
the  product. 

Features  and  apps 

EmergeCore’s  business  proposition  is  aimed  squarely  at 
ISPs.  With  prices  for  high-speed  DSL  or  cable  continuing 
to  drop,  it’s  imperative  for  ISPs  to  offer  additional  value  to 
its  business  customers.The  IT-100  has  several  features  that 
you’d  expect  to  get  with  a  higher-end  server,  but  in  a  pack¬ 
age  not  much  larger  than  a  small  router. 

The  hardware  portion  of  the  IT-100  we  tested  is  a  stan¬ 
dard  set  of  components  —  including  four  10/100 
Ethernet  ports, an  802.1  lb  wireless  access  point, two  USB 
2.0  ports  for  attaching  an  external  hard  drive  or  printer, 
and  a  206-byte  hard  drive. The  box  itself  is  not  much  big¬ 
ger  than  a  DSL  modem/router  combination  box. 

The  IT-100  has  the  basics  covered  with  e-mail,  FTP  and 
Web  servers  ready  to  go  out-of-the-box.  Each  component 
must  be  individually  configured  for  use 
through  a  simple  Web-based  configura¬ 
tion  screen.  The  system  includes  an 
easy-to-use  Web  site  creation  tool  called 
Web  Builder.  It’s  comparable  to  offerings 
from  ISP  vendors  such  as  Verizon  for 
creating  a  basic  home  page.  Web 
Builder  offers  several  screens  where  you 
choose  from  a  list  of  site  categories  or 
themes,  add  contact  information  and 
choose  what  type  of  site  navigation  will 
be  displayed.  The  process  is  straightfor¬ 
ward  and  would  work  for  creating  a  sim¬ 
ple  Web  site. 

Configuring  client  email  programs  to 
use  the  IT-100  took  only  a  few  steps. The 
EmergeCore  Web  site  offers  several 
how-to  options,  including  how  to  con¬ 
figure  Outlook  to  talk  to  an  IT-100  mail 
server.  It  doesn’t  offer  information  for 
other  email  clients,  although  the  infor¬ 


mation  provided  in  the  Outlook  How-To  was  generic 
enough  that  we  could  configure  Mozilla  Thunderbird  to 
work  with  it. 

Sharing  files  on  a  Windows  network  worked  well. To  get 
up  and  running,  we  just  needed  to  enter  a  workgroup 
name  and  NetBIOS  host  name  (see  How  we  did  it  at 
www.networkworld.com,  DocFinder:  7925).  A  drawback 
is  the  lack  of  support  for  anything  other  than  Windows 
NT  domains,  which  means  we  couldn’t  authenticate  to 
Active  Directory  or  join  an  Active  Directory  domain. This 
will  only  be  a  problem  if  you  have  a  Windows  2003  serv¬ 
er  on  your  network  acting  as  a  domain  controller. 

The  system’s  Traveler  application  helps  SMBs  manage 
trips.  It  offers  a  place  to  enter  an  itinerary,  airline,  hotel 
and  rental  car  information  for  later  access.  While  the 
application  is  straightforward  and  might  be  useful  for 
sharing  your  itinerary  information  with  others.it  wouldn’t 
be  practical  unless  you  had  constant  access  to  the 
Internet. 

A  customer  relationship  management  (CRM)  applica¬ 
tion  is  also  included  to  let  SMB  owners  manage  cus¬ 
tomer  data.  It’s  not  on  par,  for  example,  with  a  Siebel 
product,  but  it  does  the  basics  of  tracking  names  and 
contact  information. 

Security 

To  protect  a  company’s  network  from 
outside  attack,  the  IT-100  includes  a 
Linux-based  firewall  with  multiple  lev¬ 
els  of  protection,  intrusion  detection 
that  reports  on  the  integrity  of  program 
files,  and  configurable  alarms. The  secu¬ 
rity  features  are  solid,  based  on  time- 
tested  Linux  applications. 

Wireless  security  support  includes 
media  access  control  address  filtering 
(we  liked  how  it  was  turned  on  by 
default),  as  well  as  username/password 
authentication  and  up  to  128-bit  Wired 
Equivalent  Privacy  encryption.  On  the 
downside  you  won’t  find  any  support 
for  Wi-Fi  Protected  Access.  While  the 
box  we  tested  did  not  support  802.1  lg, 
it  is  available  as  an  option. 


Administration 

Managing  the  IT-100  can  be  done  through  a  Web 
browser  wherever  there’s  Internet  access.  The  manage¬ 
ment  console  provides  all  the  necessary  information  in 
a  very  readable  format  with  a  tree-view  of  configura¬ 
tion  items  on  the  left  side  of  the  page  and  detailed 
information  on  the  right,  similar  to  a  Windows  Explorer 
display.  From  the  top  level  you  see  graphical  and 
tabbed  views  depicting  the  system’s  status.  Another 
nice  touch  is  the  listing  of  technical  support  phone 
numbers  and  the  system’s  serial  number  on  the  system 
summary  page. 

A  back-up  and  restore  feature  lets  you  back  up  the  1T- 
100’s  data  locally,  to  an  external  USB  storage  device  or 
over  the  network  to  a  Windows  file  share.  The  automatic 
scheduled  backup  comes  disabled  by  default,  but  can  be 
easily  enabled.  The  20G-byte  hard  drive  in  the  unit  we 
tested  was  too  small  for  more  than  simple  e-mail  storage, 
although  you  can  get  a  60G-  or  lOOG-byte  version. 

Setup 

Getting  the  IT- 100  up  and  running  took  less  than  10 
minutes.  An  Express  Setup  Guide  led  us  through  the  nec¬ 
essary  steps  of  connecting  the  box  to  the  Internet  and  at 
least  one  workstation.  A  single  RJ-45  jack  on  the  back  of 
the  IT-100  connects  to  a  DSL  or  cable  modem  for  access 
to  the  Internet. 

We  disliked  having  to  set  the  IP  address  of  our  work¬ 
station  to  10.9.8.10  to  talk  to  the  IT-100.  It  would  seem 
more  intuitive  to  have  DHCP  enabled  to  make  the  setup 
process  simpler.  Fortunately,  the  configuration  process 
prompts  you  for  a  new  address  if  you  need  to  change  it. 
We  liked  the  ability  to  go  back  and  change  our  configu¬ 
ration  settings  at  a  later  date. The  guide  says  this  the  first 
time  you  get  to  an  optional  component  such  as  CRM  or 
Traveler.  All  the  installation  dialogs  are  clear  and  easy  to 
understand. 

While  the  IT-100  includes  a  serial  and  parallel  port,  nei¬ 
ther  one  worked  in  our  test.  The  EmergeCore  Web  site 
recommended  using  IP  printing  on  the  local  network  as 
a  solution  for  shared  printing. 

Ferrill  is  a  freelance  reviewer  and  writer  in  Lancaster, 
Calif.  He  can  be  reached  at  paul.ferrill@verizon.net. 


EmergeCore's  IT-100  IT  in  a  Box 
comes  equipped  with  e-mail,  FTP 
and  Web  servers. 


Another  challenge  to  the  IP 
address  management  throne 


BY  BARRY  NANCE,  NETWORK  WORLD  LAB  ALLIANCE 

In  our  quest  to  find  the  best  IP  address  management  tool  (www.network 
world.com,  DocFinder:  7921),  IPControl  2.0  from  International  Network 
Services  slipped  under  our  radar.  So  we  recently  subjected  IPControl  to  the 
same  tests  and  criteria  we  used  in  our  May  9  story 


w  h  '  _  ; 

IPControl  2.1 

International  Network  Services 

Results  3.8 


From  10  cents  to  $2.50  per  node 

Pros:  Intuitive,  easy-to-navigate  user  interface; 
_ low  cost _ _ 

Cons:  Not  as  feature-rich  or  as  fast  as  VitalQIP. 


The  Breakdown  Performance  20% 

4 

Scoring  Key:  5:  Exceptional:  IP  address  management  20% 

4 

4:  Very  good;  3:  Average;  Ease  of  use  20%  « 

9*  Rplnw  a\/ppfl0p’  r 

4 

Consistently  subpar  Scalability  10% 

3 

Security  10% 

4 

Installation  10% 

3 

Documentation  10% 

4 

Total  score 

3.8 

The  perfect  IP  address  management  tool  should  flexibly 
and  efficiently  assign  IP  addresses  to  all  IP  devices,  central¬ 
ly  manage  the  address  and  URL  information  across  a  com¬ 
pany  quickly  and  effortlessly  equate  host  names  with  IP 
addresses, scale  well,  be  intuitive  to  use  and  be  pervasively 
platform-neutral.  The  tool  also  must  have  useful  reports, 
integrate  with  custom-written  applications,  cooperate  with 
Active  Directory,  be  Lightweight  Directory  Access  Protocol 
(LDAP)-aware  and  deal  robustly  with  badly  formed  or  non- 
compliant  DHCP  requests. The  best  tool  also  is  highly  fault- 
tolerant  and  enforces  security  to  help  keep  hackers  at  bay 

We  found  IPControl  to  be  less  expensive  than  Lucent 
Technologies’  VitalQIP  and  Metainfo’s  Meta  IP  yet  just  as 
easy  to  use.  However,  VitalQIP  (the  May  9  Clear  Choice 
Award  winner)  is  faster,  offers  more  features  and  is  more 
scalable. 

Organizing  your  addresses 

IPControl  did  a  good  job  of  discovering  and  cataloging 
our  network’s  devices  via  its  queries  of  router  subnets, 
DHCP  address  pools  and  individual  IP  addresses.  After  ini¬ 
tially  discovering  our  IP-based  network  nodes,  IPControl 
separately  managed  actual  vs.  planned  addressing 
schemes  to  provide  us  with  a  forward-looking  view  of  our 
future  network  as  it  expanded.  We  also  liked  IPControl’s 
BIND  versions  8  and  9  compliance,  as  well  as  integration 
with  Active  Directory  IPControl  can  direct  the  operations  of 
Windows  Server’s  DHCP  services  just  as  well  as  it  can  its 
own  DHCP  server  software. 

The  IPControl  platform  includes  a  central  InControl 


IP  address  requests  DNS  resolution  performance 


Product 
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Product 
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seconds 
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VitalQIP 

44 

1,136 

VitalQIP 

28 

1,786 

Meta  IP 

58 

862 

Meta  IP 

35 

1,428 

IPControl 

58 

862 

IPControl 

36 

1,389 

DNSBoxes 

65 

769 

DNSBoxes 

42 

1,190 

*  SQJXX)  requests  di/id«l  by  elapwd  •  50,000  name  requests  divided  by 

s<»cor.d6  value  elapsed  seconds  value 


Executive,  at  least  one  but  possibly  several  InControl 
Agents,  a  central  database  and  an  Administrative  Interface. 
The  Executive  application  directs  the  activities  of  the 
agents,  stores  IP  addressing  information  in  the  database 
and  accepts  interactive  configuration  data  from  the 
Administrative  Interface.  The  default  database  is  MySQL 
(included),  but  on  Solaris  you  can  substitute  your  own 
copy  of  Oracle’s  relational  database.  INS  supplies  DHCP 
software  that  runs  on  Red  Hat  Linux  and  Solaris,  and  BIND 
software  that  runs  on  Windows,  Red  Hat  Linux  and  Solaris. 
IPControl  runs  on  Solaris,  Windows  (2000,  2003  and  XP) 
and  Red  Hat  Linux.  If  you  prefer  a  network  appliance,  INS 
sells  IPControl  pre-loaded  in  a  rack-mountable  device. 

As  in  our  earlier  test,  we  measured  performance  by  run¬ 
ning  custom  client  software  that  rapidly  requests  50,000 
dynamic  IP  addresses  and  noting  the  elapsed  time  that 
each  tool  took  to  respond  (see  How  we  did  it  at  www.net- 
workworld.com,  DocFinder:  7926).  We  ran  the  program  six 
times,  one  test  on  each  network  segment  in  our  lab.  We  also 
benchmarked  DNS  activity.  Our  test  software  issued  a  flood 
of  50,000  name-to-lP  address  resolution  requests,  and 
obtained  responses  from  a  DNS  server  (see  graphic  below). 

For  reliability  and  robust  address  management,  the  DHCP 
server  within  the  IPControl  architecture  handles  failover 
according  to  the  IETFs  DHCP  Failover  Protocol  Internet 
Draft  for  primary/secondary  servers.  VitalQIP  and  Meta  IP 
go  a  step  further  by  supporting  multiple  running  DHCP 
servers,  as  well  as  primary/secondary  DHCP  servers.  Both 
IPControl  and  VitalQIP  can  optionally  ping  a  DHCP 
address-requesting  client  at  lease  time  to  make  sure  a 
DHCP  request  isn’t  spurious. 

IPControl, VitalQIP  and  Meta  IP  offer  logon  authentication 
via  callout  script  or  a  program  that  you  write.  However, 
VitalQIP  and  Meta  IP  have  explicit  support  for  such  opera¬ 
tions  as  relating  an  IP  address  to  a  media  access  control 
(MAC)  address  (user-to-address  mapping),  which  in 
IPControl  requires  that  an  administrator  write  a  callout  pro¬ 
gram.  VitalQIP  and  Meta  IP  have  explicit  support  for  LDAP 
With  IPControl,  you  must  use  the  callout-service  feature  to 
integrate  it  with  an  LDAP  repository. VitalQIP  also  explicitly 
supports  Dynamic  DNS  multi-master  updates,  while 
IPControl  has  a  listener  service  that  can  perform  incre¬ 
mental  updates,  as  well  as  updates  of  multiple  masters. 


IPControl  cannot  send  SNMP  alerts  to  a  network  manage¬ 
ment  system  when  it  detects  an  address  from  a  particular 
MAC  address  or  user  logon,  but  VitalQIP  can. 

Like  IPControl,  VitalQIP  is  available  on  a  network  appli¬ 
ance  and  runs  on  Solaris,  Windows  (2000,  2003  and  XP) 
and  Red  Hat  Linux.  VitalQIP  additionally  runs  on  A1X  and 
HP-UX.Meta  IP  runs  on  Solaris, Red  Hat  Linux, Debian.SuSE 
and  Windows  (2000,2003  and  XP).In  contrast  to  IPControl, 
VitalQIP’s  database  options  include  both  the  Oracle  and 
Sybase  Adaptive  Server,  relational  DBMSs  and  Lucent  bun¬ 
dles  Sybase  Adaptive  Server  with  VitalQIP  Because  VitalQIP 
is  faster  and  runs  on  more  platforms,  it  is  more  scalable 
than  IPControl. 

IPControl’s  support  for  IPv6  is  a  big  plus,  while  VitalQIP 
won’t  work  with  IPv6  addresses  until  year-end.  On  the  other 
hand,  VitalQIP  has  Enum  support  for  relating  phone  num¬ 
bers  to  URLs  or  IP  addresses  (RFC  2916), whereas  IPControl 
does  not. 

Ease  of  use 

IPControl  uses  a  container  metaphor  to  help  an  adminis¬ 
trator  organize  IP  addresses  into  groups.  These  containers 
can  represent  geographical  locations  or  other  organiza¬ 
tional  elements  significant  to  a  customer.  A  collapsible  tree 
makes  quick  work  of  navigating  IP  address  blocks  if  you 
have  complex  sets  of  containers. 

We  liked  that  IPControl  let  us  effectively  delegate  admin¬ 
istrative  tasks  by  subnet.  It  supports  multiple  concurrent 
administrators,  just  as  VitalQIP  does. 

IPControl  has  a  Web  browser-based  interface  and  com¬ 
mand-line  interface,  while  VitalQIP  offers  an  easy-to-navi- 
gate  native  GUI  client  for  Windows  and  Unix  in  addition  to 
its  browser-based  and  command-line  interfaces.  However, 
IPControl  graphically  displays  network  topology  a  feature 
that  VitalQIP  lacks.  For  data  import  and  export  options, 
IPControl  had  fewer  options  and  less  extensive  templates 
than  VitalQIP 

IPControl  offers  extensive,  easy-to-use  APIs  if  you  want  to 
write  your  own  programs.  The  software  was  easy  to  install 
and  came  with  clear,  comprehensive  documentation. 

IPControl  didn’t  dethrone  VitalQIP  in  our  tests,  but  it  cer¬ 
tainly  proved  a  worthy  challenger. 

Nance  can  be  reached  at  barryn@erols.com. 
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E-MAIL  NEWSLETTER  SHOWCASE:  MESSAGING 

Should  you  check  outgoing  e-mail? 


BY  MICHAEL  OSTERMAN 

Inbound  message  content 
scanning  to  eliminate  spam  and 
malware  is  virtually  universal. 
However,  outbound  content 
scanning  is  becoming  a  hot  issue 
for  organizations. 

While  the  Securities  and  Ex¬ 
change  Commission  has  required 
investment  houses  to  sample 
e-mail  and  instant  messages  sent 
by  their  broker-dealers  after  the 
fact  to  make  sure  that  these  com¬ 
munications  don’t  contain  false 
claims  or  misleading  statements, 
there  is  a  growing  move  for  all 
types  of  organizations  to  monitor 
e-mail  messages  and  instant  mes¬ 
sages  before  they  are  sent. 

The  motivation  is  simply  to  pre¬ 
vent  unacceptable  communica¬ 
tions  —  such  as  profanity  credit 
card  numbers,  sensitive  informa¬ 
tion  and  the  like  —  from  leaving 
an  organization  and  thereby  cre¬ 
ating  liabilities.  A  failure  to  moni¬ 
tor  communications  can  have 
some  serious  consequences: 

•  Recently  a  New  York  state 
assemblyman  sent  e-mail  to 
about  300  people  in  which  he 
referred  to  some  of  his  con¬ 
stituents  as  idiots. 

•  In  June,  a  secretary  spilled 
ketchup  onto  the  pants  of  a 
lawyer  at  a  large  law  firm  in 
London.  He  asked  her,  via  e-mail, 
to  compensate  him  for  the 
approximately  $7  dry  cleaning  bill 
and  followed  this  up  with  a  note 
on  her  desk  when  she  did  not 
reply  quickly  enough.  She  replied 
to  the  lawyer  —  and  250  other 
people  —  that  her  mother’s  sud¬ 
den  illness  and  death  had  slowed 
her  response  to  his  demand.  The 
lawyer  has  resigned  from  the  firm. 

•  A  woman  intended  to  send  an 
e-mail  to  her  sister  commenting 
that  her  participation  in  a  weight 
loss  program  had  made  her  “fat 
butt”  smaller.  However,  she  mistak¬ 
enly  sent  the  e-mail  to  a  distribu¬ 
tion  list  for  her  homeowners  asso¬ 
ciation,  not  her  sister. 

It’s  important  for  users  to  be  edu¬ 
cated  on  corporate  policies  about 
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appropriate  use  of  e-mail  and  for 
these  users  to  police  themselves 
and  try  not  to  send  out  embar¬ 
rassing  or  sensitive  information.  A 
failure  to  be  careful  can  lead  to  a 
loss  of  reputation  or  a  job,  or  it  can 


lead  to  heavy  fines.  However, users 
sometimes  make  mistakes  and 
send  out  information  they 
shouldn’t  —  or  they  hold  to  the 
mistaken  notion  that  if  they  delete 
an  e-mail  message,  it’s  gone.  Any 


organization  concerned  about  its 
credibility  reputation  and  future 
should  make  sure  that  its  outgoing 
e-mail  is  as  clean  as  the  e-mail 
stream  that  reaches  its  users. 


Ostermari  is  the  principal  of 
Osterman  Research,  a  market 
research  firm  overseeing  messag¬ 
ing,  directory  and  related  products 
and  services.  He  can  be  reached  at 
michael@ostermanresearch.com. 


Only  took  you 
2  minutes  to  audit 
the  entire  network? 


Don't  tell  anyone 
or  they'll  find 
something  else 
for  you  to  do! 


Wwn  An  the  turta<» 
to*  H«*r>  wti«\  mud*. 


AuditWizard  V6  -  Simply  Effective 

No  other  software  makes  auditing  your  network  as  quick  and  easy  as  AuditWizard™. 

Install,  then  sit  back  and  let  AuditWizard™  do  all  the  complicated  stuff. 
AuditWizard™  will  automatically  discover  all  of  the  PCs  connected  to  your  network 
then  conduct  a  comprehensive  software  and  hardware  audit  of  each  one  -  without 
any  user  intervention  from  you. 


So  when  the  boss  asks  for  that  Software  License  Compliance  Report  -  you're 
good  to  go... 


...if  only  everything  in  life  was  as  simple  to  use  as  AuditWizard™ 


For  more  information  telephone  813  319  1390 
or  email  sales@auditwizard.com 


Download  a  FREE  trial  today!  www.auditwizard.com 
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E-MAIL  NEWSLETTER  SHOWCASE:  ISP  NEWS  REPORT 

Equant  aims  to  improve  performance  of  IP  apps 


BY  CAROLYN  DUFFY  MARSAN 

Equant  is  expanding  its  suite  of 
consulting  services  that  help  com¬ 
panies  improve  the  performance 
of  key  applications  running  over 
IP  networks.  The  ISP  backs  up 
these  services  with  its  first  Appli¬ 
cation  Service-Level  Agreements. 

The  SLAs  and  services,  which 
Equant  announced  in  late  June, 
are  available  in  the  nearly  200 
countries.  Customers  of  the  con¬ 
sulting  services  and  SLAs  can 
choose  either  Equant’s  private 
MPLS  network  or  its  public  In¬ 
ternet  service. 

Equant  used  to  offer  traditional 
SLAs  based  on  IP  network  metrics. 
Now  Equant  is  adding  end-to-end 
guarantees  for  how  well  applica¬ 
tions  run  over  an  IP  connection. 

“I’m  not  aware  of  anybody  else 
having  an  Application  SLA,”  says 
Dan  daCosta,  solutions  marketing 


manager  for  Equant. 

To  take  advantage  of  the  Appli¬ 
cation  SLAs,  customers  must  pur¬ 
chase  Equant’s  consulting  ser- 
vices.These  services  are  known  as 
Strategic  Network  and  Applica¬ 
tion  Predictor  (SNAP). 

SNAP  services  include  the 
Application  Performance  Analysis, 
which  involves  Equant  installing 
Packeteer  devices  on  either  end 
of  the  network  to  measure  the 
response  times  of  applications. 
Equant  consultants  and  corporate 
network  managers  use  data  from 
the  Phcketeer  devices  to  tweak 
applications  or  networks  to  opti¬ 
mize  performance. 

Customers  can  leave  the 
Packeteer  devices  in  their  net¬ 
works  for  ongoing  application 
performance  analysis.The  devices 
can  take  certain  actions  if  appli¬ 
cation  performance  falls  below 


certain  thresholds. 

Equant  also  offers  Application 
Pre-Deployment  Analysis.  This 
service  lets  corporate  network 
managers  figure  out  how  a  new 
application  will  affect  network 
performance. 

The  two  new  SNAP  services  are: 
Network  Performance  Optimiza¬ 
tion  and  Predictive  Network 
Modeling.  Under  the  first  service, 
Equant  consultants  help  cus¬ 
tomers  with  network  forecasting 
and  budgeting  to  handle  such 
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issues  as  traffic  growth  and  sea¬ 
sonal  peaks.  The  second  service 
lets  customers  ask  what-if  ques¬ 
tions  about  their  IP  networks  to 
determine  what  might  happen  if  a 
new  application  is  added  or  if  the 
network  is  migrated  to  a  different 
technology 

Equant  has  been  offering  all 
four  SNAP  services  to  a  handful  of 
beta  customers  for  the  past  nine 
months.  One  European  financial 
services  firm  used  the  SNAP  ser¬ 
vices  to  test  how  the  company’s 
network  would  respond  to  an 
increase  in  Web  traffic  prompted 
by  a  new  advertising  campaign.  A 
consumer  products  company 
used  the  SNAP  services  to  deter¬ 
mine  why  its  SAP  applications 
were  not  performing  up  to  par. 

“We  got  the  software  develop¬ 
ers  involved  and  optimized  the 
design  of  the  SAP  application 


and  matched  it  up  with  the  net¬ 
work,”  daCosta  says. 

“We  went  from  almost  losing  this 
customer  because  they  thought 
our  network  wasn’t  responding  to 
the  point  where  they  contact  us 
before  making  changes  to  appli¬ 
cations,”  he  adds. 

Once  the  SNAP  services  are 
engaged,  Equant  will  offer  cus¬ 
tomers  an  application  SLA. 
Equant  says  interest  in  its  SNAP 
services  and  Application  SLAs  are 
coming  from  companies  with 
mission-critical  applications  such 
as  SAP  and  Oracle. 

Equant  says  the  SNAP  services 
cost  anywhere  from  tens  to  hun¬ 
dreds  of  thousands  of  dollars. 
The  ongoing  Application  Perfor¬ 
mance  Analysis  service,  with  the 
Packeteer  devices,  costs  be¬ 
tween  $200  and  $500  per 
month,  per  site.  ■ 
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UltraMatrix™ 

Remote 


KVM  OVER  IP 


MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 


System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
\  provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 

.  -  -  - 

■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 

RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
y  server  rooms  and  multiple  computers. 

\  The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
h'-r  drawer.  This  easy-glide  KVM  drawer  contain  a  high-resolution  TFT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 
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UltraMatrix™  ■  PROFESSIONAL  MULTI-USER  KVM  SWITCH 

E-series  2  -  4  KVM  STATIONS  TO  1 ,000s  OF  COMPUTERS 

KVM  SWITCH  •  PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

•  On-screen  menu  informs  you  of  connection  status  between  units 
in  an  expanded  system 

•  Powerful,  expandable,  low  cost 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

•  Video  resolution  up  to  1600  x  1280 

•  Available  in  several  models 

•  Easy  to  expand 

The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 

4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 


XtendVue  RackView 

Vertical  Rack  mountable  LCD  Fold-Forward 
With  Buit-in  KVM  Extender 


RackView 

Fold-Back 


RackView 
LCD  Monitor 


RackView 

Keyboard 
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SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


LOCAL  OR  REMOTE  SERVER  MANAGEMENT  SOLUTIONS 
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MANAGEMENT  STRATEGIES 

■  CAREER  DEVELOPMENT  E  PROJECT  MANAGEMENT  S  BUSINESS  JUSTIFICATION 

Grant  Thornton  standardizes  IP  PBXs 

Firm’s  telecom  manager  recounts  the  savings  and  productivity  gains. 


BY  KEVIN  LOPEZ 

Thank  goodness  we  followed  a  telecom  system  standardization  process. 
That’s  what  I  think  looking  back  at  where  Grant  Thornton  was  com¬ 
pared  with  where  we  are  now.  Grant  Thornton,  LLP  is  the  U.S.  member 
firm  of  Grant  Thornton  International,  a  global  accounting,  tax  and  business 
advisory  organization. The  organization  has  member  firms  in  1 10  countries, 
including  49  offices  in  the  US. 


When  I  accepted  the  position  of  national  manager  of 
telecommunications  in  November  1998,  the  firm  didn’t 
have  a  telecom  department.  Each  office  did  its  own  thing 
when  it  came  to  telecom,  with  managers,  partners,  or  in 
some  cases,  IT  folks  making  decisions.  Soon  after  taking 
the  job,  I  realized  it  would  be  a  bigger  task  than  I  antici¬ 
pated.  Today,  my  six-person 
telecom  department  sup¬ 
ports  4,400  employees. 

In  1998  we  had  44  offices, 
with  a  mixed  bag  of  PBXs, 
key  systems  and  Centrex 
lines. We  needed  to  address 
potential  Y2K  issues  such  as 
system  software  not  being 
able  to  roll  to  2000.  In  doing 
so,  we  knew  changes  would 
be  made  to  our  environ¬ 
ment  to  allow  for  growth, 
align  our  business  strategy  and  enable  all 
offices  to  work  as  one  firm. 

We  agreed  to  replace  any  telecom  system  that  required 
more  than  $5,000  in  upgrades.  Our  goals  were  to  be  cer¬ 
tain  we  wouldn’t  be  hit  with  any  Y2K  issues  and  begin  our 
telecom  standardization  process.  Lucent  Technologies 
(now  Avaya)  won  our  business  because  of  its  good  tech¬ 
nical  foresight. 

To  make  this  phase  of  the  project  and  our  overall  plan  a 
success,  the  support  of  senior  leadership  was  critical.  We 
put  benefits  into  terms  managers  could  relate  to: 
Standardization  gives  you  the  ability  to  change  directions 
quicker  and  support  the  environment  with  greater  effi¬ 
ciency  because  the  processes  were  built  to  align  with  our 
overall  strategy  Sharing  our  intentions  fostered  trust  and 
opened  lines  of  communication. 

In  the  first  year,  we  replaced  25  systems.  As  with  most 
in  the  industry  Y2K  came  and  went  without  any  prob¬ 
lems,  and  we  continued  replacing  systems.  Establishing 
a  process  for  upgrades  and  system  enhancements  con¬ 
tributed  to  the  evolution  of  our  organization. 


When  we  were  rolling  out  PBXs,  I  was  tasked  with  map¬ 
ping  our  growth  strategy  with  an  eye  on  business  conti¬ 
nuity  Strategic  initiatives  such  as  five-digit  dialing  among 
Grant  Thornton  offices  allowed  personnel  to  operate 
together  regardless  of  location.  Our  mantra  was  not  to  do 
technology  for  the  sake  of  technology  but  to  implement 


technology  that  complemented  our  environment  and 
made  business  sense. 

We  passed  on  VoIP  technology  from  Cisco,  which  was  in 
the  early  stages  of  establishing  a  presence  in  the  market. 
Our  plan  was  less  expensive  and  provided  us  with  space 
to  grow  without  having  to  replace  our  entire  environ¬ 
ment.  Having  purchased  new  digital  phones  in  1999  and 
2000,  we  didn’t  see  any  benefit  in  replacing  them  with  IP 
phones. 

Instead,  we  opted  to  implement  IP 
trunking  in  2001,  hoping  for  at  least  a 
25%  decrease  in  long-distance  costs.  We 
didn’t  have  a  way  to  track  interoffice 
dialing, so  the  25%  was  just  an  educated 
guess.  We  also  implemented  a  call 
accounting  package  and  E911  from 
RedSky  Technologies  to  help  us  mea¬ 
sure,  track  and  report  on  our  savings; 
and  a  phonetic  directory  that  lets  users 
easily  locate  each  other. 


These  add-ons  were  reinvestments  of  the  money  we 
saved  through  lowered  maintenance  costs,  the  cancel¬ 
lation  of  local  telco  services  and  telecom  cost  auditing. 
A  year  after  our  VoIP  trunking  was  in  place,  we  noticed 
a  65%  decrease  in  our  long-distance  bills,  saving  more 
than  $400,000.  This  financial  efficiency  and  potential 
growth  opportunity  built  confidence  in  the  team  and 
showed  senior  leadership  we  were  aligned  with  the 
firm's  goals.  It  gave  the  telecom  department  a  con¬ 
tributing  voice  in  mapping  the  direction  of  all  con¬ 
verged  technologies. 

By  2003  we  had  a  robust  network,  IP  trunking  in  full 
swing,  call  accounting  and  phonetic  operator  running  on 
our  network.  We  followed  the  convergence  path  and 
implemented  Avaya’s  Modular  Messaging,  a  unification 
product  for  e-mail  and  voice  mail.  The  technology  con¬ 
verges  two  major  forms  of  communication  without 
increasing  overall  costs.  Our  road  warriors  can  listen  to 
voice  mail  and  read  e-mail  at  the  same  time  over  a  VPN 
connection.  Replies  and  requests  are  addressed  faster 
and  information  can  be  shared  among  team  members 
more  easily 

In  late  2004,  we  upgraded  our  major  hubs  (Chicago, 
New  York,  Los  Angeles  and  Dallas)  to  the  next  generation 
of  Avaya’s  IP  systems,  the  S8700,  but  did  not  see  any  ben¬ 
efit  in  changing  our  phones.  We  gained  redundancy 
along  with  better  software  and  the  ease  of  migration  for 
future  IP  and  SIP  applications.  For  example,  we  can  add 
next-generation  G700  media  gateways  with  an  S8300 
media  server  (local  survivable  processor)  in  the  field  that 
runs  from  the  S8700,  which  contains  the  licenses  and 
brains  of  the  telecom  system.  The  benefits  of  such  an 
arrangement  include  enterprise  licensing,  increased  call 
handling  for  voice  mail  calls,  limited  systems  for  pro¬ 
gramming  and  remote  survivability  if  the  link  goes  down. 
It  also  limits  upgrade  and  hardware  costs,  and  makes 
moves  easier. 

The  year  2005  has  been  a  resting  period  of  sorts.  Our 
goals  have  focused  on  a  few  minor  upgrades,  system 
maintenance  and  future  planning.  Our  vision  is  to  ride  the 
VoIP  wave, choosing  products  that  will  provide  cost  saving 
or  business  alignment  and  passing  on  those  that  do  not  — 
for  example,  IP-only  systems  that 
require  us  to  replace  our  current  infra¬ 
structure  and  scrap  our  investment. 

Having  seen  the  evolution,  of  IP  and 
convergence  products,  we  reaiize 
choices  must  be  a  balance  of  busi¬ 
ness  goals,  company  direction  and 
cost-saving  financial  analysis. 

Lopez  can  be  reached  at 
Kevin.Lopez@GT.com. 


«0  ur  vision  is  to  ride  the 
VoIP  wave,  choosing  prod¬ 
ucts  that  will  provide  cost 
savings  or  business  align¬ 
ment  and  passing  on  those 
that  do  not.  55 

Kevin  Lopez ,  telecom  manager,  Grant  Thornton 
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Years  of  progress 
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OBSERVER 


How  much  does  your  network  analyzer  see? 

Observer  is  the  only  fully  distributed  network  analyzer  built 
to  monitor  the  entire  network  (LAN,  802.1  la/b/g,  Gigabit, 
WAN).  Download  your  free  Observer  10  evaluation  today 
and  see  how  Observer  puts  you  in  the  driver's  seat  with  more 
real-time  statistics,  more  in-depth  analysis  and  more  network 
advantages  than  ever  before.  Choose  Observer. 


-CRPRC  i  tv  PiRnn  i  nc-  Determine  how  much  bandwidth 
your  router  will  need  based  on  historical  usage  patterns  with 
Network  Trending. 

-foresight-  Predict  how  network  changes  wilt  affect 
your  response  times  with  "What-lf 1  Modeling  Analysis. 

-no  5 1  onRL  -  Find  rogue  access  points,  monitor  access 
point  load  and  scan  wireless  channels  continuously  with  over 

50  WLAN  Expert  Conditions. 

' 

US  &  Canada  toll  free  800.526.5958 
fax  952.932.9545 

UK  &  Europe  +44  (0)  1959  569880 

www.networkfnstrumerifs.coiii/analyze 


Need  Secure  Console  Management? 


SSH  or  Out-of-Band  Access  to  Consoles  at  Remote  Locations 


L 


■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 


Web  Browser  Interface 
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Visit  Website  for  Complete  NetReach™  Product  Line 

(800)  854-7226  •  www.wti.com 
5  Sterling  •  Irvine  •  California  92818-2517 
(948)586-9950  •  Fax:(949)583-9514 


SECURE  CONSOLE  MANAGER 


Irvins. 


5  Storing.  Irvine.  Ca.  92618  —  hitpVVwww  wtt  com 
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TACACS  &  RADIUS  Authentication 
Dial-Back  Security  on  Modem  Port 
Command  Logging  with  Audit  Trail 
SYSLOG  Reporting 
NTP  Server  Ready 
Any-to-Any  Port  Switching 
Non-Connect  Port  Buffering 
Port-Specific  Password  Protection 
Data  Rate  Conversion 
Rack  Mountable  -  Requires  1  Rack  Unit 
115/230  VAC  or  -48  VDC  Models 


The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  on  UNIX  servers,  routers  and  any  other 
network  elements  which  have  a  serial  console  or  craft  port.  System  administrators 
can  access  serial  maintenance  ports  over  the  network  via  SSH  connections  and  simple, 
menu-driven  commands  or  through  a  discrete  TCP  port  connection,  mapped  directly  to 
one  of  the  SCM-16  serial  outputs. 


Yes,  We  are  Customer  Friendly! 

✓  Two  Year  Warranty 

✓  We  Stock  for  Same  Day  Shipment 

✓  30  Day  Return  Policy 

✓  Call  or  Email  for  an  Online  Demo 
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The  Next-Generation  IT  Infrastructure 

Cyclades  AlterPath™  System  is  the  industry's  most  comprehensive  Out-of-Band 
Infrastructure  {OOBI)  system.  The  AlterPath  System  allows  remote  data  center 
administration,  eliminating  the  need  for  most  time-consuming,  remedial  site 
visits.  When  fully  deployed  in  your  data  center,  Cyclades  AlterPath  System  lowers 
the  risks  associated  with  outages,  improves  productivity  and  operational 
efficiency,  and  cuts  costs. 

Each  component  of  the  AlterPath  System  is  designed  to  seamlessly  integrate 
into  the  enterprise,  able  to  scale  in  any  direction.  Whether  you  need  serial 
console  management  of  networking  equipment,  KVM  for  access  to  Windows® 
servers,  branch  management,  IPMI  or  HP  iLO  for  service  processor 
management,  or  advanced  power  management,  the  AlterPath  System  delivers. 
Cyclades  brings  it  all  together,  making  OOBI  administration  seem  like  child’s  play. 

Over  85%  of  Fortune  1 00 
choose  Cyclades. 

www.cyclades.com/nw 

1.888.cyclades  •  sales@cyclades.com 
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dtSearch 


Instantly  Search 
Terabytes  ofjext 


Desktop  with  Spider  ($'»i 

Network,  th Spider.— 
..  .  Cnider  (^m$999) 


Web  with 


blish  for  CD/DVDS  I- “ 
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Engine 
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■  -  for  Win  &  ■ 


Engine 


2JLU  U  UUU11 1 V*  >  ^  i  ■  “ 1 

The  Smart  Choice  for  Text  Retrieval®  since  1991 


♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF  while  displaying  embedded 
links,  formatting  andlTiiMir&l 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 
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Reviews  of  dtSearch 

♦“The  most  powerful  document  search  tool  on  the  market”  —  Wired  Magazine 
♦“dtSearch ...  leads  the  market”  —  Network  Computing 
♦“Blindingly  fast”  —  Computer  Forensics:  incident  Response  Essentials 
♦“A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 
♦“Super  fast,  super-reliable”  —  The  Wall  Street  Journal 
♦“Covers  all  data  sources ...  powerful  Web-based  engines”  — ■  eWEEK 
♦“Searches  at  blazing  speeds”  — Computer  Reseller  News  Test  Center 
See  www.dtsearch.com  for  hundreds  more  reviews  &  case  studies 


r--l 


1  -800-IT-FINDS  •  www.dtsearcli.com 
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Reel-time  Ar.tivatinn  nf  Tnll  Free  ~~  ■ 


Real-time  Activation  of  Toll  Free, 

Local,  and  International  Telephone  Numbers 


free  Service  As  Versatile 
as  You  and  Your  Business 


NO  EQUIPMENT  TO  BUY 
NO  SOFTWARE  TO  INSTALL! 
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Not 

another 

VoIP 

solution! 


Toll-free  service  without  the  hassle. 
Pay-as-you-go  with  no  contract. 

Add  a  toll-free  number  for  only  $2* 
and  keep  your  current  phone  service; 
there  is  no  need  to  switch! 

V:6-  :  ■  ; 

Power:  Keep  or  choose  your  toll  free 
number!  Add  .new  numbers  anytime! 

Cbntrci  Take  your  toll  free  number 
with  you  and  never  miss  calls! 

r  reedorn :  Change  where  your 
toll  free  number  rings  with  the 

■  click  of  a  mouse! 

■  ■  ‘  ■’ 

FleXBSijify:-  Route  calls  by 
•  day,.. time,  call  area  -  even 
'.custom  route  specific  callers! 

P^f^eHC-Ov';  Record  calls, 
*'ViewCall  detail  -  even 
Caller  l  D  nn 


Works  with  every  phone  system, 
whether  pulse,  tone,  digital, 
cellular,  wireless  device,  or  IP. 

Instant  activation  of  numbers! 

★  24/7  Secure  Online  Control 

★  View/Retrieve  Faxes  and 

Voice  Mail,  online  or  in  email 

★  Real-time  Call  Detail 

★  Reporting  and  analysis  tools 

★  Over  a  Dozen  Features: 

Call  Blocking,  Conferencing, 
Call  Recording,  Custom  Call 
Routing  and  Distribution, 
Automated  Receptionist, 
...and  MORE! 
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two  Caller I.D.  on 
calls! . 


Truly  as  little  as 
$2  per  month  and 
C°^.ces'.  ‘just  6.9c  per  minute! 
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1.866.930.3131 
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i  you  call  or  sign  up  via  the  Web, 
your  activation  fee! 


GDI  offers: 

p-»  Hardware  encryption  over  dial-up 
and  network  connections 
r>-«  RSA  certified  SecurlD  authentication 
without  a  network. 
r1-*  Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications  9-n. 

Remote  Power  control 

Homologous  world-wide  approved  *-n. 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
www.outofbandmarlg^^^^H 


How  Do  'oil  Dist  ibute 
Power  in  Your  Data 
Center  Cabinet? 


With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 


The  Sentry  CDU  distributes  power  for  Blade  servers  or  up  to  42  dual 
power  1U  servers  in  one  enclosure.  Single  or  3-phase  input  with 
110VAC,208VAC  or  mixed  110/208VAC  single-phase  outlet  receptacles. 


Metered  CDU 

>  Local  input  Current  Monitoring 


Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Tern  matures 
and  Humidity 


Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology 

Solutions  fur  the  Data  Center  Equipment  Cabinet 


Serw  Technology.  Inr 
1040  Sandhill  Drive 
Reno,  NV  89521  -USA 


•  • 


toll  free +1.800.835.1515 
tel  +1.775.284.2000 
fax  +1775.284.2065 
sa!es@servertech  .com 
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Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 
Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW  2005 


WLAN 

SPECTRUM  ANALYZER 

True  Spectrum  Analysis! 
Not  a  WLAN  chip  set 


Ail  2.4  and  5 
GHz  bands  in 
one  unit  for 
only  $4400. 

Single  band 
2.4  GHz  unit 
for  only  $2600. 
Calibrated  Antennas 
Immediate  Delivery 


BANTAM  INSTRUMENTS 

www.Bantamlnstruments.com 


Looking  ahead  to  your  next  network  project? 
Need  information  now? 

Check  out  VENDOR  SOLUTIONS  for  the  most  comprehensive  information 
on  network  IT  products  and  solutions  for  your  business  including: 

>  White  Papers 

>  Special  Reports  Visit  www.networkworld.com/vendorsolutions  today. 

“  KTWORKWORLD 

>  Marketplace  Product  Finder 


TAP  into  Performance 
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Optical  Fiber  nTAP 

Multiple  split  ratios 
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Six  channel . 
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Monitor  the  REST  of  your  Computer  Room! 


•  Water  on  the  Floor 

•  Temperature 

•  Power  Problems 

•  Security 

•  Smoke  and  Fire 

•  Humidity 

•  Video 

•  And  much  more 


Sends  Monitors 

SNMP  64 

Messages  IP  addresses 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 
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Dealers  Wanted 


Internal  Voice, 
Power  Ethernet  Modem 
Control  Port  &  Pager  Port 
Interface 


Sensor  Inputs 

(Temperature.  Humidity, 
Water,  Motion.  Po#er, 
Smoke/fire) 

Expandable 


SENSAPHONE 

Tel:  877-373-2700 

901  Tryehs  Road 

www.ims-4000.com 

Aston,  PA  19014  \ 
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HP  PROLIANT  BL20p  G3  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel®  Xeon™  Processor  (3.60GHz/2MB)' 

•  High  density:  Up  to  48  servers  per  rack 

■  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based  networked 
managment  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 


HP  STORAGEWORKS  MSA1500cs 


Get  2TB  of  Storage  Free  ($2,800  Value)2 
■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

•  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 

•  2GB/1GB  Fibre  connections  to  host 


The  HP  ProLiant  BL20p  G3  blade  server  with  the  Intel®  Xeon™  Processor  simplifies  server  management. 
Simple  to  set  up,  simple  to  monitor,  simple  to  manage.  It  all  starts  with  the  Rapid  Deployment 
Pack,  giving  you  an  automated  setup  process  to  configure  and  deploy  servers  at  a  high  volume 
and  a  rapid  pace.  Then  HP  Systems  Insight  Manager™  carefully  monitors  your  infrastructure, 
alerting  you  to  potential  problems  before  they  occur.  And,  whenever  you're  away  from  the  office, 
the  remote  management  features  let  you  manage  your  server  no  matter  where  you  are.  Plus,  you 
can  bundle  it  with  the  HP  StorageWorks  MSA1500  to  make  storing  your  data  simple,  scalable 
and  affordable.  So  with  HP,  you  get  more  expertise  before  you  buy,  more  technology  when  you 
do  and  more  support  after. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SAAART  SUPPORT 


Download  a  free  I  DC  white  paper: 

Reducing  Total  Cost  of  Ownership 
Through  the  Use  of  Blade  Systems. 

Save  $750  instantly 

on  a  blade  enclosure  solution?4 
See  Web  site  for  details. 


Call  1-866-356-6088 
Click  hp.com/go/bladesmag8 
Visit  your  local  reseller 
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y  house  dates  from 
the  1920s,  with  addi¬ 
tions  from  before 
and  after  World  War  II.  I  tell 
you  this  because  it  explains 
why  my  plumbing  is  a  nightmare.  In  fact,  last  week  one  of 
the  ball-cock  valves  in  a  toilet  expired  despite  my  best 
efforts  to  repair  it  over  the  previous  five  years. 

The  valve,  manufactured  in  the  1940s  by  American 
Standard,  I  believe,  is  made  of  solid  brass  and  is  designed 
upside  down  —  instead  of  connecting  to  a  water  supply 
pipe  that  enters  the  tank  from  the  bottom,  the  valve  is  fed 
from  a  pipe  that  enters  the  tank  from  the  top. 

This  valve  is  not  easily  replaced,  but  I  came  up  with  a 
solution:  Using  a  variety  of  piping  and  elbows  along  with 
a  ball-cock  valve  from  an  air  conditioner,  I  created  a  work¬ 
able  replacement  that  I  immediately  classified  as  a  fine 
example  of  Frankenplumbing. 

My  house  is  full  of  Frankenplumbing.Theres  a  maze  of 
copper,  galvanized,  brass  and  plastic  pipe-work  lurking 
under  the  house,  and  some  of  it  is  sound  though  much  of 
it  is  decaying.  And  it  is  draped  from  one  beam  to  the  next 
and  winds  around  and  through  joists.  It  has  been  cut  off, 
capped  off,  welded,  brazed,  extended  and  joined. 

This  got  me  thinking.  My  house  and  office  networks  are 
also  full  of  Frankenplumbing.  I  have  wiring  that  has  grown 


Frankenplumbing 
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organically  over  a  much  shorter  period  than  my  plumbing 
but  has  become  even  more  labyrinthine.  On  top  of  that  I 
have  network  services  and  tools  that  have  become  hard 
to  reorganize  without  a  complete  strip  down  and  rebuild 
—  the  prospect  of  which  makes  me  shudder. 

Now  my  network  hardware  and  software  is  obviously 
smaller  than  yours,  which  leads  me  to  wonder  how  much 
more  Frankenplumbing  we  would  find  in  your  IT  infra¬ 
structure?  How  intricate  is  your  collection  of  services  and 
connections?  Do  you  even  believe  you  know  the  full  hor¬ 
ror  of  your  system? 

The  problem  is  if  you  do  anything  that  disturbs  the  status 
quo  of  your  Frankenplumbing  your  life  will  become  much 
harder.  Any  minor  change  will  usually  break  something, 
and  major  changes  are  guaranteed  to  cause  chaos. 

Part  of  the  reason  things  break  is  that  your  network  is 
really  just  an  extension  of  your  business  processes  and 
those  processes  are  just  as  much  a  part  of  the  organiza¬ 
tion’s  Frankenplumbing  as  the  core  IT  systems  are. 

So  what  are  you  to  do  with  your  part  of  the  mess? 
Nothing. There  really  isn’t  anything  major  you  can  do, 
because  if  you  were  to  clean  it  up  you  would  find  that 
within  a  couple  of  years  at  most  and  weeks  at  least,  what¬ 
ever  bright,  shiny,  highly  organized  and  logical  system  you 
created  would  degenerate  into  a  different  but  fundamen¬ 
tally  similar  mess  as  the  one  you  just  cleaned  up! 


This  then  is  the  real  foundation  of  IT,  particularly  at  the 
enterprise  level:  The  IT  group  is  there  to  fix,  add  to  and 
sometimes  replace  the  Frankenplumbing  for  as  little  cost 
as,  and  with  the  least  disturbance  to  the  system,  as  possible. 

That  tells  you  something  important  about  the  kind  of 
people  you  need  in  an  IT  operation.  Among  all  the 
groups,  the  analysts,  the  programmers,  the  support  techs 
and  so  on,  you  want  to  have  a  fair  number  of  MacGyvers 
who  are  happy  to  grapple  with  the  Frankenplumbing  and 
capable  of  using  some  digital  bailing  wire  and  virtual 
chewing  gum  to  create  a  workable  fix. 

This  quality  of  creativity  and  problem  solving  is  much 
underrated  in  IT  and  separates  the  outstanding  IT  shops 
from  the  rest. 

For  my  house,  I  need  to  find  a  creative  and  problem¬ 
solving  plumber  to  start  refurbishing  the  Franken¬ 
plumbing  even  though  I  know  that  in  another  10  or  20 
years  the  house  will  have  to  be  refurbished  all  over  again. 
Once  my  house  plumbing  starts  getting  fixed,  I  will  be 
able  to  start  refurbishing  my  network  Frankenplumbing. 
Unfortunately  I  know  that  my  network  won’t  stay  pristine 
for  anything  like  as  long  as  my  real  plumbing. 

MacGyverisms  to  backspin@gibbs.com  and  see  Gearblog 
at  www.  networkworld.  com/ weblogs/ gearblog  for  the  sheer 
pleasure  ofjt. 


ETBliZZ 


News,  insights,  opinions  and  oddities 


Paul  McNamara 


More  might  makes  right 

In  wading  through  all  the  commentary  this  week  about 
the  Bush  administration’s  dictate  that  the  U.S.  govern¬ 
ment  shall  retain  ultimate  control  of  the  Internet's  13  root 
servers  for  as  long  as  it  damn  well  pleases,  I  found 
myself  muttering  the  same  question  over  and  over: 

Did  anyone  really  expect  anything  different?  ...  If  so,  we’ll  need  to  add  a  new  wing 
onto  the  Naivete  Hall  of  Fame. 

Yes,  it  has  been  a  written  U.S.  policy  since  1998  that  the  Internet  Corporation  for 
Assigned  Names  and  Numbers  (ICANN)  and  its  international  panel  of  directors  would 
be  set  free  of  the  oversight  of  the  U.S.  Commerce  Department  by  2006.The  recent  fiat 
—  announced  online  two  days  before  the  long  holiday  weekend  by  an  assistant  secre¬ 
tary  of  the  Commerce  Department —  does  represent  a  direct  and  unilateral  reversal. 
So  I  suppose  that  might  constitute  a  basis  for  surprise  in  certain  circles  —  certain 
woefully  unaware  circles. 

But  let's  not  forget  that  Bill  Clinton  was  president  in  1998  and  Sept.  11  was  just  anoth¬ 
er  day  on  the  calendar. 

The  current  occupant  of  the  White  House  is  famous  for  having  bragged:  "In  Texas,  we 
don’t  do  nuance.”  (My  personal  choice  for  the  man's  most  maddening  utterance.) 

Nor  does  he  do  international  cooperation.  While  Bush  might  make  a  perfunctory  pass 
at  playing  nice  with  other  countries  —  when  doing  so  suits  his  political  purposes  — 
there  can  be  at  this  point  in  his  administration  no  doubt  as  to  the  principles  that  govern 
U.S.  relations  abroad.  Whether  we’re  talking  about  protecting  the  environment,  choos¬ 
ing  a  nominee  to  represent  the  U.S.  before  the  U.N.,  or  most  especially  waging  war  in 
Iraq,  this  administration  believes  in  nothing  as  fervently  as  it  does  America's  right  to 
act  alone  and  irrespective  of  foreign  opinion. 

And  you  expected  them  to  relinquish  the  keys  to  the  Internet? 

The  Bush  administration  would  sooner  establish  a  White  House  Debate  Society  and 
invite  Kofi  Annan  to  be  its  chair. 

Yet  the  ICANN  news  was  met  with  varying  degrees  of  wonderment  here  and  abroad. 

"This  seems  like  an  extension  of  American  security  in  the  aftermath  of”  Sept.  11,  a 


Denmark  technology  consultant  told  the  Associated  Press.  “People  will  ask:  ‘Do  the 
Americans  want  to  control  the  Internet?”’ 

Do  we  set  off  fireworks  on  the  Fourth  of  July? 

That  the  decision  was  all  but  preordained  doesn’t  address  whether  it  was  cor¬ 
rect  or  not,  of  course.  Did  the  U.S.  do  the  right  thing  here?  Even  among  those  who 
expected  no  other  decision  from  our  government,  there  has  been  spirited  debate 
as  to  whether  the  administration  is  justified  in  imposing  its  will  on  the  Internet  at 
large. 

We'll  dismiss  out  of  hand  those  who  carp  that  because  the  Internet  was  invented 
here  we  get  to  lord  over  it  in  perpetuity.  More  rational  defenders  of  the  policy  reversal 
argue  that  the  U.S.  is  uniquely  qualified  to  make  decisions  governing  the  operation  of 
those  root  servers,  and  that  the  nation  has  too  much  at  stake  —  both  in  terms  of  secu¬ 
rity  and  business  interests  —  to  risk  the  uncertainties  of  international  oversight.  (This 
camp  will  no  doubt  see  a  vindication  of  sorts  in  last  week’s  terrorist  attack  on  London, 
tortured  though  that  logic  may  be.) 

Seems  there  are  two  ways  for  the  layman  to  address  this  question: 

One  possibility  is  that  the  U.S.  and  only  the  U.S.  can  handle  this  job,  particularly  if 
protecting  U.S.  business  and  security  interests  is  paramount. 

The  second  is  that  the  U.S.  holds  no  such  monopoly  on  will,  wisdom  or  technical 
wherewithal,  and  that  the  international  community  has  every  bit  as  much  at  stake  in 
keeping  the  Internet  up  and  humming. 

The  first  strikes  me  as  an  extraordinarily  difficult  proposition  to  defend  — -  not  to 
mention  extraordinarily  arrogant. 

But  all  of  this  discussion  about  right  and  wrong  is  for  naught  because  the  question 
was  never  an  open  one. 

There  is  chatter  among  the  international  Internet  community  to  the  effect  that 
something  must  be  done  to  get  the  U.S.  to  change  course. They  should  save  their 
breath  and  instead  mark  their  calendars  for  Jan.  20,  2009. 

A  new  administration,  Republican  or  Democrat,  may  well  see  the  matter  differently. 

Do  you?  The  address  is  buzz@nww.com. 


|F  rYTJU’RE  CONSIDERING  VOICE  OVER  IP  TELEPHONY,  CONSIDER  YOUR  OPTIONS: 
■  ONLY  FOUNDRY  NETWORKS  GIVES  YOU  A  TRUE  VENDOR  AGNOSTIC  SOLUTION  THAT 

WORKS  WITH  THE  EQUIPMENT  YOU  CHOOSE  -  OR  ALREADY  HAVE.  SO  WHETHER 

YOU’RE  USING  AVAYA,  SIEMENS,  CISCO  OR  NORTEL,  FOUNDRY  NETWORKS  GIVES 


VOICE  TO  YOUR  NETWORK 


Foundry’s  integrated  Power  over  Ethernet-  and  Quality  of  Service-based  switches  deliver  the  most  scalable,  secure  VoIP 
architecture,  with  the  lowest  latency  and  highest  performance  for  both  wired  and  wireless  IP  telephony.  Foundry  sup¬ 
ports  all  the  VoIP  features  you  need,  including  automatic  phone  discovery,  embedded  endpoint  security,  dynamic  L2-3 
QoS  support  and  wireless  mobility.  And  only  Foundry  lets  you  select  best-of-breed  or  low-cost  IP  phones,  conferencing, 
PBX,  and  voice/media  gateway  solutions  and  be  assured  of  full  compatibility. 


Fastlron  SuperX 


WANT  VOIP?  GET  FOUNDRY.  NO  COMPROMISE. 


The  Power  of  Performance™ 


Visit  us  Today  at  www.foundrynetworks.com/voip 

OR  CALL  US:  1  SSS  TURBOLAN  INTERNATIONAL:  +1  40S.586.1700 


Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions  including  Layer  2/3 
LAN  switches.  Layer  3  Backbone  switches,  Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 

©  2005  Foundry  Networks,  the  Foundry  logo,  Fastlron  SuperX, The  Power  of  Performance  and  Foundry  are  trademarks  of  Foundry  Networks,  Inc. 

All  other  marks  are  trademarks  of  their  respective  owners. 
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■  NetVanta  1 224R/1 224STR  Series 

802  3af 

Power  over  All-in-One  Access  Platform  with 
Ethernet  Switch/Router/FirewallA/PN/DSU/CSU 


.  „■  I 


NetVanta  1224/1 224ST  Series 

' •  -j-7  Managed  Fast  Ethernet  and 
.  '  |  A->  Powered  Ethernet  Switches 


NetVanta  1524ST 

Managed  Gigabit  Ethernet  Switch 


(at  the 
right  price). 


NetVanta  340 

Business-class  ADSL2+  Router 


NetVanta  3200 

Modular  2xT1/ADSl2+  Branch  Office 
Routers  with  Firewall/VPN/Voice/Dial  Backup 


NetVanta  3205/3305/4305 

Modular  2xT1/3xT1/8xT1  Routers  with 
Firewall/VPN/Voice/Dial  Backup 


NetVanta8  Switches,  Routers,  and  VPN  Solutions 


Is  voice  and  data  networking  costing  you  more  than  it  should? 

You  no  longer  have  to  pay  premium  prices  for  brand  name 
gear  to  perform  customary  internetworking  tasks.  With  the 
NetVanta  Series  from  ADTRAN  ';  you  can  implement  the  exact 
intemetivorking  functionality  you  need,  at  a  cost  that’s 
i/ork  often  50%  less  than  competing  brand  name  solutions, 
hout  Choose  from  switching ,  routing,  and  VPN  platforms. 

s<n9  Modular  chassis  and  deep  product  lines  let  you  pick 
Ince-  and  choose  just  the  right  solution  for  any  application 
with  data,  voice,  VoIP,  Internet,  backup,  and  management— 
anta.  across  networks  ranging  from  56  kbps  to  GigE.  Every 

solution  is  backed  by  a  100%  satisfaction  guarantee  from 
ADTRAN,  unlimited  telephone  technical  support  (before  and 
after  the  sale),  free  firmware  upgrades,  and  a  full  5-year  warranty. 


Lower  network 
costs  without 
compromising 
quality,  performance, 
or  support  —  with 
NetVanta. 


NetVanta  5305 

Modular  2xT3  Router  with  Firewall/VPN 


Why  pay  more  (when  you  don’t  have  to)? 


NetVanta  2050/2054/2100 

Home  Office/Small  Office  VPN  Gateways 
with  Firewall/Multi-Port  Switch 


NetVanta  2300/2400 

Medium  to  Large  Office  VPN 
Gateways  with  Firewall 


Register  to  win  a  free  NetVanta  1224STR  now! 

www.adtran.com/rightprice  ’ 

Have  a  question  about  network  design?  How  to  implement  ^ 

VoIP  in  your  network?  Our  network  engineers  are  standing  by. 

800  597  9602  Technical  Questions 
877  280  8416  Where  to  Buy 


The  Network  Access  Company 
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